github-actions[bot]
commented
11 months ago Coverage after merging guard-fix into main will be
| 100.00% |
|---|
Coverage Report
| File | Stmts | Branches | Funcs | Lines | Uncovered Lines |
|---|---|---|---|---|---|
| src | |||||
| CreateX.sol | 100% | 100% | 100% | 100% | |
Closed pcaversaccio closed 11 months ago
github-actions[bot]
commented
11 months ago Coverage after merging guard-fix into main will be
| 100.00% |
|---|
| File | Stmts | Branches | Funcs | Lines | Uncovered Lines |
|---|---|---|---|---|---|
| src | |||||
| CreateX.sol | 100% | 100% | 100% | 100% | |
mds1
commented
11 months ago Great catch!
🕓 Changelog
This PR introduces a change that for the non-pseudo-random cases, the salt value
saltis hashed as part of the_guardfunction to prevent the safeguard mechanisms from being bypassed. The reason is that if someone deploys on chain A with a preconfigured mechanism, anyone can calculate the inferredguardedSaltand reuse it on chain B. Since we didn't originally modify thesaltvalue in this case, anyone could abuse this. To prevent this, we hash thesaltvalue in those cases (I deliberately don't use inline assembly to have a simple one-liner with a ternary operator which increases readability). The exception is for pseudo-randomly generated salt values, where this is unnecessary. The h/t goes to @lastperson for making me aware of this issue, thanks a lot 🙏!In the security considerations, the second section still holds true (it would only be frontrun-protected in the case
salt == _generateSalt()for the frontrunner on another chain, which would require a hash collision), but the third section is not anymore true (since if you deploy on chain A with a pseudo-random value and someone else uses this on chain B, the value will now be hashed (except for the case ifsalt == _generateSalt()which is again not likely since you would need to find a hash collision)) and thus I remove it.🐶 Cute Animal Picture