Front-running griefing attack on PerAddressContinuousVestingMerkleDistributorFactory and PerAddressTrancheVestingMerkleDistributorFactory

Summary

The deployDistributor method in PerAddressContinuousVestingMerkleDistributorFactory and PerAddressTrancheVestingMerkleDistributorFactory calls Clones.cloneDeterministic (that uses CREATE2 opcode) with a generated salt to create a deterministic address but an attacker can frontrun the call with same arguments, generate a contract in the same address and always the user transaction will revert.

Vulnerability Detail

Since the salt is not created with the msg.sender any attacker can front-run the user when calling deployDistributor with same parameters and user transaction will revert

Impact

All User transaction will fail.

Code Snippet

https://github.com/sherlock-audit/2024-05-tokensoft-distributor-contracts-update/blob/main/contracts/packages/hardhat/contracts/claim/factory/PerAddressTrancheVestingMerkleDistributorFactory.sol#L59-L61

Tool used

Recommendation

Add the msg.sender when creating the salt in both contracts: PerAddressContinuousVestingMerkleDistributorFactory and PerAddressTrancheVestingMerkleDistributorFactory

   function _getSalt(
        IERC20 _token, 
        uint256 _total, 
        string memory _uri, 
        bytes32 _merkleRoot, 
        uint160 _maxDelayTime, 
        address _owner,
        uint256 _nonce
    ) private pure returns (bytes32) {
        return keccak256(abi.encode(
            _token,
            _total,
            _uri,
            _merkleRoot,
            _maxDelayTime,
            _owner,
            msg.sender, //@audit add msg.sender here
            _nonce
        ));
    }

sherlock-audit / 2024-05-tokensoft-distributor-contracts-update-judging

nfmelendez - Front-running griefing attack on PerAddressContinuousVestingMerkleDistributorFactory and PerAddressTrancheVestingMerkleDistributorFactory #17