Attacker will mint more tokens on L2 than deposited on L1
Summary
The missing validation between deposited and minted token amounts in OptimismPortal2._depositTransaction will cause a significant loss of funds for the protocol as an attacker will mint more tokens on L2 than they actually deposit on L1 through either the onApprove callback or direct depositTransaction call on the OptimismPortal2 contract.
Root Cause
In OptimismPortal2.sol, the _depositTransaction function, which is called by both onApprove and depositTransaction, does not validate that the _value parameter (amount to be minted on L2) is equal to the _mint parameter (amount transferred on L1). This allows for a mismatch between deposited and minted token amounts.
This can happen when using the OptimismPortal2 without going through the bridge or messenger, looking at the messenger code we can see that the two parameters are assumed equal.
The protocol suffers a significant loss of funds. Attackers can mint arbitrary amounts of tokens on L2 while depositing only a small amount (or potentially zero) on L1. The attacker gains the difference between the deposited amount and the minted amount on L2.
PoC
No response
Mitigation
Modify the _depositTransaction function in OptimismPortal2 to ensure that the _value parameter (amount to be minted on L2) equals the _mint parameter.
agent3bood
High
Attacker will mint more tokens on L2 than deposited on L1
Summary
The missing validation between deposited and minted token amounts in
OptimismPortal2._depositTransaction
will cause a significant loss of funds for the protocol as an attacker will mint more tokens on L2 than they actually deposit on L1 through either theonApprove
callback or directdepositTransaction
call on theOptimismPortal2
contract.Root Cause
In
OptimismPortal2.sol
, the_depositTransaction
function, which is called by bothonApprove
anddepositTransaction
, does not validate that the_value
parameter (amount to be minted on L2) is equal to the_mint
parameter (amount transferred on L1). This allows for a mismatch between deposited and minted token amounts.https://github.com/sherlock-audit/2024-08-tokamak-network/blob/main/tokamak-thanos/packages/tokamak/contracts-bedrock/src/L1/OptimismPortal2.sol#L513
This can happen when using the
OptimismPortal2
without going through the bridge or messenger, looking at the messenger code we can see that the two parameters are assumed equal.https://github.com/sherlock-audit/2024-08-tokamak-network/blob/main/tokamak-thanos/packages/tokamak/contracts-bedrock/src/L1/L1CrossDomainMessenger.sol#L79
Internal pre-conditions
No specific pre-conditions are required.
External pre-conditions
No specific pre-conditions are required.
Attack Path
approveAndCall
on the native token contract or to directly calldepositTransaction
onOptimismPortal2
.OptimismPortal2
by callingnativeTOken.approveAndCall(..., data)
.data
parameter, attacker specifies a much largervalue
.OptimismPortal2.onApprove
will extract thevalue
from the user specifieddata
and call_depositTransaction
_mint
value and a larger_value
._depositTransaction
will get called which will_mint
amount from the user_value
amount to the L2 receiverTransactionDeposited
event_value
in the opaque data.Impact
The protocol suffers a significant loss of funds. Attackers can mint arbitrary amounts of tokens on L2 while depositing only a small amount (or potentially zero) on L1. The attacker gains the difference between the deposited amount and the minted amount on L2.
PoC
No response
Mitigation
Modify the
_depositTransaction
function inOptimismPortal2
to ensure that the_value
parameter (amount to be minted on L2) equals the_mint
parameter.