Lack of 18 Decimal Scaling in Balance Update in restoreBridgeTransaction Function in BridgeFacetImpl Library
Summary
The suspendBridgeTransaction() function in the BridgeFacet contract is designed to suspend a specific bridge transaction. A user with the DISPUTE_ROLE can restore the previously suspended bridge transaction and update the valid transaction amount through the restoreBridgeTransaction function, which calls restoreBridgeTransaction from the BridgeFacetImpl library.
The issue is that the restoreBridgeTransaction function in the BridgeFacetImpl library does not perform 18 decimal scaling in the balance update when subtracting the validAmount from bridgeTransaction.amount. This is in contrast to the transferToBridge function, which correctly scales amounts to 18 decimals before updating balances.
Vulnerability Detail
The code in the restoreBridgeTransaction function that updates the balance does not scale the amounts to 18 decimals, leading to incorrect balance updates. This can result in an inconsistent state where the balances are not properly adjusted based on the amount being restored.
Impact
The incorrect balance update can lead to inconsistencies in the token balances of the affected accounts. This could potentially result in loss of funds and incorrect accounting of token holdings.
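The mismatch described above, as a simplified integer model in Python. This is an added illustration, not the project's Solidity code. The 6-decimal collateral, the storage of bridgeTransaction.amount in collateral decimals, the refund going to the transaction's user, and all Python names are assumptions.

```python
from dataclasses import dataclass

COLLATERAL_DECIMALS = 6  # assumption: a 6-decimal collateral token

def to_internal(amount):
    """Scale a collateral-decimals amount to the 18-decimal internal unit."""
    return amount * 10**18 // 10**COLLATERAL_DECIMALS

@dataclass
class BridgeTransaction:
    user: str
    amount: int  # assumption: stored in collateral decimals
    suspended: bool = False

class BridgeModel:
    """Hypothetical model; scale_on_restore=False is the behaviour in the finding."""
    def __init__(self, scale_on_restore):
        self.scale_on_restore = scale_on_restore
        self.balances = {}  # user -> 18-decimal internal balance
        self.txs = []

    def transfer_to_bridge(self, user, amount):
        debit = to_internal(amount)  # the debit is scaled to 18 decimals
        if self.balances.get(user, 0) < debit:
            raise ValueError("insufficient balance")
        self.balances[user] -= debit
        self.txs.append(BridgeTransaction(user, amount))
        return len(self.txs) - 1

    def suspend(self, tx_id):
        self.txs[tx_id].suspended = True

    def restore(self, tx_id, valid_amount):
        tx = self.txs[tx_id]
        if not tx.suspended or valid_amount > tx.amount:
            raise ValueError("invalid restore")
        refund = tx.amount - valid_amount  # still in collateral decimals
        credit = to_internal(refund) if self.scale_on_restore else refund
        self.balances[tx.user] += credit
        tx.amount, tx.suspended = valid_amount, False

def shortfall(deposit, bridged, valid, scale_on_restore):
    """18-decimal units missing from the user's balance after a restore."""
    model = BridgeModel(scale_on_restore)
    model.balances["alice"] = to_internal(deposit)
    tx_id = model.transfer_to_bridge("alice", bridged)
    model.suspend(tx_id)
    model.restore(tx_id, valid)
    return to_internal(deposit - valid) - model.balances["alice"]
```

In this model the debit and the refund differ by a factor of 10^(18 - 6), so the unscaled refund leaves the user short by almost the entire restored amount.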
0xAadi
High
Code Snippet
https://github.com/sherlock-audit/2024-06-symmetrical-update-2/blob/f5b76ca33f5f05b927a9c0f2f57938e919d6420b/protocol-core/contracts/facets/Bridge/BridgeFacetImpl.sol#L90
Tool used
Manual Review
Recommendation
Update the restoreBridgeTransaction() function to perform 18 decimal scaling when updating balances, similar to the transferToBridge function. This ensures consistency in balance updates and prevents potential issues related to incorrect token balances.
Duplicate of #5