sherlock-admin
commented
8 months ago 1 comment(s) were left on this issue during the judging contest.
takarez commented:
invalid because {invalid: watson should specify the attack vector and thus provide POC}
Anubis
medium
Potential for Front-Running in Merkle Proof Verification
Summary
The Merkle library provides a function verify for verifying Merkle proofs. While the implementation is gas-efficient, it lacks protection against front-running attacks in scenarios where it's used for critical operations.
Vulnerability Detail
The verify function in the Merkle library checks if a particular leaf is part of a Merkle tree. However, this function itself does not have any direct control over state changes in the blockchain. If used inappropriately in contracts where the result of this function leads to state changes (like updating balances, ownerships, etc.), it might make those contracts susceptible to front-running attacks.
Impact
If a contract uses this library for operations that result in significant state changes, and if the input parameters to this function can be predicted or influenced by an external actor (e.g., the leaf or the proof), there might be a risk of front-running attacks. This can lead to undesired consequences like loss of funds, unauthorized access, or other vulnerabilities, depending on how the function is utilized.
Code Snippet
https://github.com/sherlock-audit/2023-12-avail/blob/main/contracts/src/lib/Merkle.sol#L12-L16
Tool used
Manual Review
Recommendation
Ensure that any state-changing operations based on the result of the verify function are protected against front-running. This could involve: