jennifer37 - possible partial execution failure because of permit2 nounce used in the first partial execution

[sherlock-admin2]

jennifer37

high

possible partial execution failure because of permit2 nounce used in the first partial execution

Summary

possible partial execution failure because of permit2 nounce used in the first partial execution

Vulnerability Detail

• Trader Alice submit one order. Alice will approve permit2 with amount of input token with one nonce.
• Filler Bob takes the order to execute it partially. Filler Bob will make use of permit2 permitWitnessTransferFrom() to transfer some amount of input tokens to Bob's address. And from the view of permit, the signature with this nonce from Alice is used and should never be used.
• Filler Cathy take the order to execute it partially. When cathy wants to make use of permit2 permitWitnessTransferFrom() to transfer some amount of input tokens to Cathy's address. From the view of permit2, this signature is already used and will revert.

• Impact

  Partial order execution may fail.

Code Snippet

https://github.com/sherlock-audit/2024-02-rubicon-finance/blob/main/gladius-contracts-internal/src/reactors/GladiusReactor.sol#L115-L127

    function _permitTransferFrom(
        PermitBatchTransferFrom memory permit,
        SignatureTransferDetails[] calldata transferDetails,
        address owner,
        bytes32 dataHash,
        bytes calldata signature
    ) private {
        uint256 numPermitted = permit.permitted.length;

        if (block.timestamp > permit.deadline) revert SignatureExpired(permit.deadline);
        if (numPermitted != transferDetails.length) revert LengthMismatch();

        _useUnorderedNonce(owner, permit.nonce);
        signature.verify(_hashTypedData(dataHash), owner);

        unchecked {
            for (uint256 i = 0; i < numPermitted; ++i) {
                TokenPermissions memory permitted = permit.permitted[i];
                uint256 requestedAmount = transferDetails[i].requestedAmount;

                if (requestedAmount > permitted.amount) revert InvalidAmount(permitted.amount);

                if (requestedAmount != 0) {
                    // allow spender to specify which of the permitted tokens should be transferred
                    ERC20(permitted.token).safeTransferFrom(owner, transferDetails[i].to, requestedAmount);
                }
            }
        }
    }
    function _useUnorderedNonce(address from, uint256 nonce) internal {
        (uint256 wordPos, uint256 bitPos) = bitmapPositions(nonce);
        uint256 bit = 1 << bitPos;
        uint256 flipped = nonceBitmap[from][wordPos] ^= bit;

        if (flipped & bit == 0) revert InvalidNonce();
    }

Tool used

Manual Review

Recommendation

[sherlock-admin]

1 comment(s) were left on this issue during the judging contest.

0xAadi commented:

Invalid: Lacks details