search

hats-finance / Proof-Of-Humanity-V2-0xef0709445d394a22704850c772a28a863bb780b0

Proof of Humanity Protocol v2
2 stars 1 forks source link

ERC2771 Context Vulnerability in OpenZeppelin Contracts v5.0.0 #71

Open hats-bug-reporter[bot] opened 2 months ago

hats-bug-reporter[bot] commented 2 months ago

Github username: -- Twitter username: -- Submission hash (on-chain): 0xe3f78fea5664e0a8ed097563b0655f53ea0c8a47cb8a405a1d733cc674f24489 Severity: low

Description:

ERC2771 Context Vulnerability in OpenZeppelin Contracts v5.0.0

Description

The project is using OpenZeppelin Contracts version 5.0.0, which contains a known medium severity vulnerability in the ERC2771Context contract. This vulnerability could lead to potential security risks in smart contracts that rely on this component for meta-transactions or trusted forwarder functionality.

Attack Scenario

The vulnerability in ERC2771Context allows a malicious actor to bypass the trusted forwarder check. This can occur when a contract inheriting from ERC2771Context overrides the _msgSender() function without calling the parent implementation. As a result:

  1. An attacker could directly call functions intended to be accessed only through a trusted forwarder.
  2. This bypass could lead to unauthorized actions or manipulations within the contract.
  3. The integrity of meta-transactions and the trusted forwarder pattern could be compromised.

Proof of Concept

{
  "name": "cross-chain-proof-of-humanity",
  "version": "1.0.0",
  "dependencies": {
    // ... other dependencies ...
    "@openzeppelin/contracts": "^5.0.0", // Vulnerable version
    // ... other dependencies ...
  }
}

Revised Code File

{
  "name": "cross-chain-proof-of-humanity",
  "version": "1.0.0",
  "dependencies": {
    // ... other dependencies ...
    "@openzeppelin/contracts": "^5.0.1", // Updated to the patched version
    // ... other dependencies ...
  }
}

// Explanation: Update the OpenZeppelin Contracts to version 5.0.1 or higher, which includes
// the fix for the ERC2771Context vulnerability. After updating, review and test all contracts
// that inherit from or interact with ERC2771Context to ensure they operate as expected.

Recommendation

  1. Update the OpenZeppelin Contracts library to version 5.0.2, which includes the fix for this vulnerability.
  2. Review all smart contracts in the project that inherit from or interact with ERC2771Context:
    • Ensure that any overrides of _msgSender() properly call the parent implementation.
    • Verify that the trusted forwarder pattern is correctly implemented and not bypassed.
  3. Consider implementing additional checks or safeguards around trusted forwarder functionality as an extra layer of security.

References

clesaege commented 2 months ago

The project is not using context. If you think this is wrong, please show where context is used.