Messages are vulnerable to cross-chain replay attacks
Summary
Messages are vulnerable to cross-chain replay attacks
Vulnerability Detail
If there's a hard fork, messages can be replayed on the forked chain.
Impact
In current implementation, the messages doesn't block.chainid, so if hard fork happens, the message can be replayed in the forked chain. Since the message can be used to transfer ETH/ERC20/data, assets might be lost.
jasonxiale
medium
Messages are vulnerable to cross-chain replay attacks
Summary
Messages are vulnerable to cross-chain replay attacks
Vulnerability Detail
If there's a hard fork, messages can be replayed on the forked chain.
Impact
In current implementation, the messages doesn't
block.chainid
, so if hard fork happens, the message can be replayed in the forked chain. Since the message can be used to transfer ETH/ERC20/data, assets might be lost.Code Snippet
https://github.com/sherlock-audit/2023-12-avail/blob/main/contracts/src/AvailBridge.sol#L314-L316
https://github.com/sherlock-audit/2023-12-avail/blob/main/contracts/src/AvailBridge.sol#L334-L342
https://github.com/sherlock-audit/2023-12-avail/blob/main/contracts/src/AvailBridge.sol#L361-L369
https://github.com/sherlock-audit/2023-12-avail/blob/main/contracts/src/AvailBridge.sol#L396-L404
In the above code snippets, the messages doesn't
block.chainid
, so when verify the message on the forked chain, the message should also be valid.Tool used
Manual Review
Recommendation
Include the
block.chainid
of src-chain and dst-chain in the message.