AlephZero side of asset will worth less -> which can lead to loss of funds for users of that assets on AZ
Description
The owner can accidentally (or potentially maliciously) transfer out a locked ERC20 or WETH from the ETH side of the bridge via recoverERC20() and recoverNative() that is still used (not-locked) on AlephZero. This means that the amount of "recovered" ERC20 will have no backing on ETH which can lead to serious consequences.
Most.sol - recoverERC20()
function recoverERC20(
address token,
address to,
uint256 amount
) external onlyOwner {
IERC20(token).safeTransfer(to, amount);
}
Proof of Concept
Accident scenario
10_000WETH locked in ETH side / 1_000WETH locked on AZ side
owner executes recoverERC20(), by mistake for 1000WETH instead of 10WETH
Market will start to value AZWETH less (1 / 0.9) -> which could lead to price dropping further
People start to bridge back to ETH from AZ for arbitrage because price is unimpacted on ETH (even if bridge is paused people might be panic selling their AZ assets)
Last users to bridge couldn't bridge funds because the funds are unbacked on ETH
Note: I debated myself on the severity, and I decided on medium since this could have a serious impact, but it requires either a malicious owner or accident from the side of the owner and the role is assumed to be behind a multi-sig so it's low likelihood. High impact + low likelihood = medium severity.
Github username: @0xfuje Twitter username: 0xfuje Submission hash (on-chain): 0x0cc5d64fcb1309e8ea2a654336ebcb870e364cc55ea00ec7eed9ab765aec8c5b Severity: medium
Description:
Impact
AlephZero
side of asset will worth less -> which can lead to loss of funds for users of that assets onAZ
Description
The owner can accidentally (or potentially maliciously) transfer out a locked
ERC20
orWETH
from the ETH side of the bridge viarecoverERC20()
andrecoverNative()
that is still used (not-locked) on AlephZero. This means that the amount of "recovered"ERC20
will have no backing onETH
which can lead to serious consequences.Most.sol
-recoverERC20()
Proof of Concept
Accident scenario
10_000
WETH
locked inETH
side /1_000
WETH
locked onAZ
sideowner
executesrecoverERC20()
, by mistake for1000
WETH
instead of10
WETH
AZ
WETH
less (1 / 0.9) -> which could lead to price dropping furtherETH
fromAZ
for arbitrage because price is unimpacted onETH
(even if bridge is paused people might be panic selling theirAZ
assets)ETH
Note: I debated myself on the severity, and I decided on medium since this could have a serious impact, but it requires either a malicious owner or accident from the side of the owner and the role is assumed to be behind a multi-sig so it's low likelihood. High impact + low likelihood = medium severity.
Recommendation
*To be added in comments later