Skip to content
This repository has been archived by the owner on May 26, 2023. It is now read-only.

Latest commit

 

History

History
41 lines (26 loc) · 1.45 KB

076.md

File metadata and controls

41 lines (26 loc) · 1.45 KB

csanuragjain

low

Collission allows to steal token

Summary

On L1 to L2 transfer if msg.sender is a contract then funds are minted to alias of the contract on L2 side. If the alias happen to be an existing contract on L2 then

Vulnerability Detail

  1. User deposits funds to L2 using a contract C1. User uses depositTransaction function

  2. Since sender is contract so an alias is used for the "from" address

address from = msg.sender;
        if (msg.sender != tx.origin) {
            from = AddressAliasHelper.applyL1ToL2Alias(msg.sender);
        }
  1. Now lets say this alias was C2 and a contract actually existed at C2 which transfer all eth received

  2. The deposit transaction mints "from" alias address with the ETH. Since alias is C2 so funds goes to C2 which immediately wipes it

  3. Since C2 does not have funds so User transaction fails.

  4. Attacker has gained the eth sent from C1

Impact

Once funds are minted on alias attacker contract, the malicious contract can immediately wipe the eth balance. Thus user will lose funds

Code Snippet

https://github.com/sherlock-audit/2023-01-optimism/blob/main/optimism/packages/contracts-bedrock/contracts/L1/OptimismPortal.sol#L377

Tool used

Manual Review

Recommendation

Check that alias of contract initiating the L1 transaction is not a contract on L2