sherlock-audit / 2023-12-avail-judging


John_Femi - Bridge can only be done in one direction #101

Closed sherlock-admin closed 8 months ago

sherlock-admin commented 8 months ago

John_Femi

medium

Bridge can only be done in one direction

Summary

Based on the modifier added to all functions used for sending messages and tokens, it is seen that the contract only allows one direction for bridging.

Vulnerability Detail

The vulnerability can be found in this modifier:

modifier onlySupportedDomain(uint32 originDomain, uint32 destinationDomain) {
    // @audit only allows bridging in one direction
    if (originDomain != AVAIL_DOMAIN || destinationDomain != ETH_DOMAIN) {
        revert InvalidDomain();
    }
    _;
}

As seen in this modifier, this only allows messages/value from Avail to ETH chains but not ETH to Avail chains, and as explained in the scope document this contract is to be deployed on Ethereum Mainnet; this means messages from Avail to ETH chains will always be reverted.

Impact

Loss of revenue/data due to bad bridging

Code Snippet

https://github.com/sherlock-audit/2023-12-avail/blob/main/contracts/src/AvailBridge.sol#L57-L62

Tool used

Manual Review

Recommendation

Ensure bi-directional bridging is done. Rewrite the modifier to be:

modifier onlySupportedDomain(uint32 originDomain, uint32 destinationDomain) {
    // Revert unless the pair is Avail -> ETH or ETH -> Avail
    bool availToEth = originDomain == AVAIL_DOMAIN && destinationDomain == ETH_DOMAIN;
    bool ethToAvail = originDomain == ETH_DOMAIN && destinationDomain == AVAIL_DOMAIN;
    if (!(availToEth || ethToAvail)) {
        revert InvalidDomain();
    }
    _;
}

sherlock-admin commented 8 months ago

1 comment(s) were left on this issue during the judging contest.

takarez commented:

invalid because {invalid: all the functions with that modifier are meant to be from avail to ethereum and not any other way}
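
An added example, not part of the report or of the Avail code base: a Python model of the domain check that enumerates which (origin, destination) pairs pass under the one-direction condition quoted in the report and under a bidirectional allow-list. The numeric domain ids and `OTHER_DOMAIN` are constructed placeholders, since the page does not give the real values.

```python
from itertools import product

# Constructed placeholder ids; the page does not state the real constants.
AVAIL_DOMAIN = 1
ETH_DOMAIN = 2
OTHER_DOMAIN = 3  # hypothetical third domain, to exercise the reject path
DOMAINS = (AVAIL_DOMAIN, ETH_DOMAIN, OTHER_DOMAIN)


def reverts_one_way(origin: int, destination: int) -> bool:
    """Mirror of the audited condition: revert unless Avail -> ETH."""
    return origin != AVAIL_DOMAIN or destination != ETH_DOMAIN


def reverts_two_way(origin: int, destination: int) -> bool:
    """Hypothetical bidirectional variant: revert unless the pair is
    Avail -> ETH or ETH -> Avail."""
    allowed = {(AVAIL_DOMAIN, ETH_DOMAIN), (ETH_DOMAIN, AVAIL_DOMAIN)}
    return (origin, destination) not in allowed


def accepted_pairs(reverts) -> set:
    """Every (origin, destination) pair the given check lets through."""
    return {(o, d) for o, d in product(DOMAINS, repeat=2) if not reverts(o, d)}


def one_way_is_single_pair_allow_list() -> bool:
    """By De Morgan, `a != X || b != Y` is `!(a == X && b == Y)`, so the
    audited condition is an allow-list containing exactly one pair."""
    return all(
        reverts_one_way(o, d) == (not (o == AVAIL_DOMAIN and d == ETH_DOMAIN))
        for o, d in product(DOMAINS, repeat=2)
    )


def extra_pairs_in_two_way() -> set:
    """Pairs the bidirectional variant accepts that the audited one rejects."""
    return accepted_pairs(reverts_two_way) - accepted_pairs(reverts_one_way)


if __name__ == "__main__":
    print("one-way accepts:", sorted(accepted_pairs(reverts_one_way)))
    print("two-way accepts:", sorted(accepted_pairs(reverts_two_way)))
    print("added by two-way:", sorted(extra_pairs_in_two_way()))
```

The only pair the two variants disagree on is ETH -> Avail, which is the case the report and the judging comment are arguing about.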