blacklistDisputeGame function will blacklist correctly resolved dispute games
Summary
The vulnerability in the OptimismPortal2 contract stems from the lack of verification in the blacklistDisputeGame function, allowing any dispute game to be blacklisted without ensuring that it has resolved incorrectly. This oversight can lead to potential disruptions in system operation and undermine the integrity and functionality of the optimistic rollup system.
Vulnerability Detail
The vulnerability lies in the blacklistDisputeGame function of the OptimismPortal2 contract. This function allows any dispute game to be blacklisted without verifying whether the dispute game has actually resolved incorrectly. The lack of verification means that correctly resolved dispute games can also be blacklisted, leading to potential denial of service or other unintended consequences.
    /// @notice Blacklists a dispute game. Should only be used in the event that a dispute game resolves incorrectly.
    /// @param _disputeGame Dispute game to blacklist.
    function blacklistDisputeGame(IDisputeGame _disputeGame) external {
        require(msg.sender == guardian(), "OptimismPortal: only the guardian can blacklist dispute games");
        disputeGameBlacklist[_disputeGame] = true;
    }
The function blacklistDisputeGame does not check whether the dispute game being blacklisted has resolved incorrectly. It only checks whether the sender is the guardian, who has the authority to perform this action.
Without verification of resolution correctness, the function can be misused to blacklist dispute games arbitrarily, regardless of their resolution status. This means that dispute games that have resolved correctly can also be blacklisted, which may lead to unintended consequences such as blocking legitimate transactions or impairing the functionality of the system.
The vulnerability contradicts the documentation's guidance that the function should only be used in the event that a dispute game resolves incorrectly. By allowing any dispute game to be blacklisted without verification, the contract deviates from the intended usage specified in the documentation.
Impact
Arbitrarily blacklisting dispute games, including those that have resolved correctly, can disrupt the operation of the system. Legitimate transactions may be blocked, leading to a denial of service for users. Blacklisting correctly resolved dispute games may also impair the functionality of the system by preventing valid transactions from being processed or by interfering with the resolution of future disputes.
bigbick123456789000
medium
Code Snippet
OptimismPortal2.sol#L440-L443
Tool used
Manual Review
Recommendation
Modify the blacklistDisputeGame function to verify the resolution status of the dispute game before allowing it to be blacklisted. This can be achieved by checking whether the dispute game has resolved incorrectly based on its status or other relevant parameters.
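The recommendation read as a status check, in an added sketch that is not the project's code: `IDisputeGameLike`, `MockGame`, `PortalSketch`, `Demo` and `blacklistResolvedDisputeGame` are hypothetical names, and the variant assumes that "verify the resolution status" means the game has left `IN_PROGRESS`.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.15;

// Added illustration. IDisputeGameLike, MockGame, PortalSketch and Demo are
// hypothetical stand-ins for the real interface and portal contract.
enum GameStatus { IN_PROGRESS, CHALLENGER_WINS, DEFENDER_WINS }

interface IDisputeGameLike {
    function status() external view returns (GameStatus);
}

contract MockGame is IDisputeGameLike {
    GameStatus public override status; // defaults to IN_PROGRESS
    function setStatus(GameStatus s) external { status = s; }
}

contract PortalSketch {
    address public immutable guardian;
    mapping(IDisputeGameLike => bool) public disputeGameBlacklist;

    constructor(address _guardian) { guardian = _guardian; }

    // As quoted in the finding: only the caller is checked.
    function blacklistDisputeGame(IDisputeGameLike _disputeGame) external {
        require(msg.sender == guardian, "only the guardian can blacklist dispute games");
        disputeGameBlacklist[_disputeGame] = true;
    }

    // Recommendation variant: the game must have resolved before it can be
    // blacklisted. status() records the outcome only; whether that outcome
    // is wrong remains the guardian's judgement.
    function blacklistResolvedDisputeGame(IDisputeGameLike _disputeGame) external {
        require(msg.sender == guardian, "only the guardian can blacklist dispute games");
        require(_disputeGame.status() != GameStatus.IN_PROGRESS, "dispute game not resolved");
        disputeGameBlacklist[_disputeGame] = true;
    }
}

contract Demo {
    // Exercises both paths on freshly created games that have not resolved.
    function run() external returns (bool uncheckedAccepted, bool checkedReverted) {
        PortalSketch portal = new PortalSketch(address(this));
        MockGame a = new MockGame();
        MockGame b = new MockGame();
        portal.blacklistDisputeGame(a);
        uncheckedAccepted = portal.disputeGameBlacklist(a);
        try portal.blacklistResolvedDisputeGame(b) {} catch { checkedReverted = true; }
    }
}
```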