Closed sherlock-admin closed 1 year ago
I'm trying to understand the attack scenario here. what I got so far:
User calls createStream
on chain A but sends funds to the stream on chain B by mistake?
then an attacker can deploy createStream
on chain B? I think for that to work the StreamFactory
needs to be deployed on chain B with the same address.
We currently only plan to deploy to ethereum.
And even if StreamFactory is deployed on chain B, even if there was replay protection, the funds would still be lost.
So I'm not exactly sure how this replay protection helps.
0xSmartContract
medium
Cross-chain replay attacks are possible with
createStream()
Summary
StreamFactory.sol#L202
Mistakes made on one chain can be re-applied to a new chain
There is no chain.id in the createStream() function data
Vulnerability Detail
Mistakes made on one chain can be re-applied to a new chain
There is no chain.id in the createStream() function data
Impact
If a user does
createStream()
using the wrong network, an attacker can replay the action on the correct chain, and steal the funds a-la the wintermute gnosis safe attack, where the attacker can create the same address that the user tried to, and steal the funds from therehttps://mirror.xyz/0xbuidlerdao.eth/lOE5VN-BHI0olGOXe27F0auviIuoSlnou_9t3XRJseY
Code Snippet
StreamFactory.sol#L202
Tool used
Manual Review
Recommendation
Include the chain.id in
createStream()
functionReplay attacks usually come into play when a chain undergoes a hard fork and hence we start hearing a bit more about them when such an event is on the horizon.
During the first Ethereum split, between ETH and ETH Classic, this became an issue as ETH classic did not have replay protection built in. However, the ETH community resolved this by introducing a field called ChainID which is unique to each EVM-based chain.
The ETHW community has decided to use the ChainID 10001. Thereby automatically protecting the chains against replay attacks.