Closed sherlock-admin2 closed 10 months ago
Invalid, it is users responsibility to provide a valid controlled mintTo
address for admin to provide merkle proof for minting.
Escalate
There is no existing docs or implemented functions to explain and let users to specify the mintTo
before migration, I think the dev hasn't realize this problem yet
Escalate
There is no existing docs or implemented functions to explain and let users to specify the
mintTo
before migration, I think the dev hasn't realize this problem yet
You've created a valid escalation!
To remove the escalation from consideration: Delete your comment.
You may delete or edit your escalation comment anytime before the 48-hour escalation window closes. After that, the escalation becomes final.
@ydspa
I maintain my previous judgement, but will loop in @neokry @Czar102 to take a look. Interesting find but ultimately I still feel like it doesn't constitute a medium given it is the users responsibility to check if they own the same wallet address in both L1 and L2.
It's too harsh to require users to ensure same smart wallet address in both L1 and L2, in many cases, it's impossible. In my opinion, the protocol should provide some on chain solution
to allow users specify their migration receipt.
we will be using aliased addresses for any smart contract wallets that hold tokens / are founders etc
mintTo
is sourced off-chain, so I don't see any programming error here. The issue would be a result of an admin (merkle tree/root) misconfiguration, which is out of scope.
Planning to reject the escalation and leave the issue as is.
Result: Invalid Unique
KingNFT
high
Part of users might lose their NFTs permanently after
L2Migration
Summary
After
L2Migration
, current design utilizesMerkleReserveMinter
for users to claim NFTs back on L2. Smart wallet users would encounter issues in this design.Vulnerability Detail
The issue here is that if members of the origin DAO are smart contract wallets such as the widely used Gnosis safe wallet, these is no guarantee that users also control the same wallet address on L2. The address on L2 might belong to others, or even doesn't exist at all.
Impact
Part of users might lose their NFTs permanently after
L2Migration
Code Snippet
https://github.com/sherlock-audit/2023-09-nounsbuilder/blob/main/nouns-protocol/src/minters/MerkleReserveMinter.sol#L66
Tool used
Manual Review
Recommendation
Maybe make a new design that allow users to do cross chain NFT transfers by 1) burn on L1 2) send a cross chain message 3) mint NFT on L2 to a target address specified by the sender