The nonce parameter setting in SetOrderDelivery may fail
Summary
An externally passed, non-incremental nonce in SetOrderDelivery will cause order processing errors for the owner as the system may process invalid or replayed orders without proper verification and assignment of the nonce parameter.
Root Cause
In oapp_lz_receive.rs:94-99, the nonce is first incremented for verification and then assigned to vault_authority.inbound_nonce.
But in set_order_delivery.rs, the nonce is not verified at all and is assigned directly:
ctx.accounts.vault_authority.inbound_nonce = params.nonce;
Internal pre-conditions
No response
External pre-conditions
No response
Attack Path
Set the nonce to any value of a previously transacted nonce
Impact
It will cause order processing errors and allow invalid or replayed orders.
Jovial Lilac Sloth
High
PoC
No response
Mitigation
Verify that the supplied nonce is the expected increment of the current inbound_nonce before assigning it.
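The following is an added illustration, not code from the audited program: it models in plain Rust (no Anchor or Solana dependencies) the two nonce-handling paths the finding contrasts. The unchecked setter mirrors the quoted assignment in set_order_delivery.rs; the checked setter follows the increment-then-verify pattern the report attributes to oapp_lz_receive.rs. The struct names, function names and the replay helper are assumptions chosen to track the identifiers quoted above.

```rust
// Added illustration, not the audited program's code. `VaultAuthority`,
// `SetOrderDeliveryParams` and the function names below are assumptions that
// mirror the identifiers quoted in the finding (vault_authority.inbound_nonce,
// params.nonce).

#[derive(Debug, Default)]
pub struct VaultAuthority {
    pub inbound_nonce: u64,
}

pub struct SetOrderDeliveryParams {
    pub nonce: u64,
}

#[derive(Debug, PartialEq)]
pub enum NonceError {
    /// The supplied nonce is not exactly inbound_nonce + 1 (a replay or a skip).
    InvalidNonce { expected: u64, got: u64 },
    /// inbound_nonce is already u64::MAX; incrementing it would wrap.
    Overflow,
}

/// Behaviour the finding describes in set_order_delivery.rs: the caller-supplied
/// value is stored without being compared against the current inbound nonce, so
/// a previously consumed nonce (or any arbitrary value) is accepted.
pub fn set_order_delivery_unchecked(vault: &mut VaultAuthority, params: &SetOrderDeliveryParams) {
    vault.inbound_nonce = params.nonce;
}

/// Mitigated form, following the pattern the report attributes to
/// oapp_lz_receive.rs: derive the next nonce from stored state, verify that the
/// caller's value matches it, and only then assign.
pub fn set_order_delivery_checked(
    vault: &mut VaultAuthority,
    params: &SetOrderDeliveryParams,
) -> Result<(), NonceError> {
    let expected = vault.inbound_nonce.checked_add(1).ok_or(NonceError::Overflow)?;
    if params.nonce != expected {
        return Err(NonceError::InvalidNonce { expected, got: params.nonce });
    }
    vault.inbound_nonce = expected;
    Ok(())
}

/// Feeds a sequence of caller-supplied nonces to a fresh vault through the
/// checked setter and returns the per-call outcome, so the effect of a replayed
/// or skipped nonce can be inspected.
pub fn replay_sequence(nonces: &[u64]) -> Vec<Result<(), NonceError>> {
    let mut vault = VaultAuthority::default();
    nonces
        .iter()
        .map(|&n| set_order_delivery_checked(&mut vault, &SetOrderDeliveryParams { nonce: n }))
        .collect()
}

fn main() {
    // Constructed sequence: 1 and 2 are valid, 1 is a replay, 4 skips ahead, 3 is then valid.
    let nonces = [1u64, 2, 1, 4, 3];
    for (n, r) in nonces.iter().zip(replay_sequence(&nonces)) {
        println!("nonce {n}: {r:?}");
    }
}
```

The checked setter rejects both directions of misuse: a nonce at or below the stored value (replay) and a nonce more than one ahead (skip), and it fails closed when the counter cannot be incremented further.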