hats-finance / illuminex-0x0bb4aa1f58719707405c231fcdf0b405714799cf


TxSerializerLib : Lack of access control for `serializeTx` function. #82

Open hats-bug-reporter[bot] opened 4 months ago

hats-bug-reporter[bot] commented 4 months ago

Github username: --
Twitter username: --
Submission hash (on-chain): 0x3a1a2feda6f7e2beca5b13768f307319ec7be925708aceb726690e688e2c6807
Severity: medium

Description

TxSerializerLib is an abstract contract which supports the serialization process. The contract has the function serializeTx, which loads the state variable from storage and updates it for serialization. This is called in serializeOutgoingTransaction and in enrichSigHash with the onlyRelayer modifier, i.e., this function.

But if we look at the function serializeTx, it does not have any access control. Anyone can call it with an input argument that would mutate the state.

Attack Scenario

Anyone can call it and update the state variable value in storage.

Attachments

  1. Revised Code File (Optional)

Since the function is called from functions with the relayer modifier, it would be safe to give it internal access so that outside access is restricted.
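The pattern the report describes, as an added illustration rather than code from the illuminex repository: a public `serializeTx` in an abstract contract is inherited, still public, by every concrete contract that derives from it, so the `onlyRelayer` guard on `serializeOutgoingTransaction` and `enrichSigHash` is bypassed by calling `serializeTx` directly. Only the function and modifier names come from the report; the `relayer` address, the `serialized` byte buffer, the `txData` parameter and the encoding logic are placeholders assumed here to make the sketch compile.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical sketch of the reported pattern. The state variable, its type and
// the serialization body are placeholders, not illuminex's code.

abstract contract RelayerGuard {
    address public relayer; // placeholder: how the relayer is set is out of scope

    modifier onlyRelayer() {
        require(msg.sender == relayer, "not relayer");
        _;
    }
}

// Vulnerable shape: serializeTx is public. Any EOA or contract can call it on
// a deployed descendant and append to `serialized`, with no relayer check,
// even though the two intended callers below are guarded.
abstract contract TxSerializerLibVulnerable is RelayerGuard {
    bytes internal serialized; // placeholder for the state variable the report mentions

    function serializeTx(bytes calldata txData) public {
        serialized = abi.encodePacked(serialized, txData);
    }

    function serializeOutgoingTransaction(bytes calldata txData) external onlyRelayer {
        serializeTx(txData);
    }

    function enrichSigHash(bytes calldata txData) external onlyRelayer returns (bytes32) {
        serializeTx(txData);
        return keccak256(serialized);
    }
}

// Fixed shape (the report's suggested remedy): serializeTx is internal, so it
// has no external ABI entry and can only be reached through the onlyRelayer
// functions or other code in the inheritance chain.
abstract contract TxSerializerLibFixed is RelayerGuard {
    bytes internal serialized;

    function serializeTx(bytes calldata txData) internal {
        serialized = abi.encodePacked(serialized, txData);
    }

    function serializeOutgoingTransaction(bytes calldata txData) external onlyRelayer {
        serializeTx(txData);
    }

    function enrichSigHash(bytes calldata txData) external onlyRelayer returns (bytes32) {
        serializeTx(txData);
        return keccak256(serialized);
    }
}
```

Two checks worth making when applying the `internal` change to a real code base: confirm with `forge inspect <Contract> abi` (or the compiler's ABI output) that `serializeTx` no longer appears on any concrete contract, and grep for external callers, since a function that some other contract or off-chain component legitimately invokes would need `onlyRelayer` rather than `internal`.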

party-for-illuminati commented 4 months ago

Dup of https://github.com/hats-finance/illuminex-0x0bb4aa1f58719707405c231fcdf0b405714799cf/issues/16