albahaca0000 - Replay Attack Vulnerability in `relayMessage` Function

[sherlock-admin3]

albahaca0000

Medium

Replay Attack Vulnerability in relayMessage Function

Summary

The relayMessage function is susceptible to replay attacks if the uniqueness and immutability of the versionedHash are not properly enforced across all related contract instances and chain contexts.

Code in Question:

function relayMessage(
    uint256 _nonce,
    address _sender,
    address _target,
    uint256 _value,
    uint256 _minGasLimit,
    bytes calldata _message
)
    external
    payable
    override
{
    bytes32 versionedHash =
        Hashing.hashCrossDomainMessageV1(_nonce, _sender, _target, _value, _minGasLimit, _message);

    require(successfulMessages[versionedHash] == false, "CrossDomainMessenger: message has already been relayed");

    (bool success,) = _target.call{gas: _minGasLimit, value: _value}(_message);

    if (success) {
        successfulMessages[versionedHash] = true;
        emit RelayedMessage(versionedHash);
    } else {
        failedMessages[versionedHash] = true;
        emit FailedRelayedMessage(versionedHash);
    }
}

https://github.com/sherlock-audit/2024-08-tokamak-network/blob/main/tokamak-thanos/packages/tokamak/contracts-bedrock/src/L1/L1CrossDomainMessenger.sol#L222

Root Cause

No response

Internal pre-conditions

No response

External pre-conditions

No response

Attack Path

No response

Impact

No response

PoC

No response

Mitigation

Modify the versionedHash calculation to include more context, such as chain ID, and implement global nonce management:

bytes32 versionedHash =
    Hashing.hashCrossDomainMessageV1(_nonce, _sender, _target, _value, _minGasLimit, _message, block.chainid);

And ensure block.chainid or similar identifier is used in all instances where this function is utilized.

This modification will prevent the same message from being accepted on different chains or instances, effectively mitigating replay attacks.