Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Project.changeOrder can be called multiple times with same signature #162

Closed
code423n4 opened this issue Aug 6, 2022 · 1 comment
Closed

Project.changeOrder can be called multiple times with same signature #162

code423n4 opened this issue Aug 6, 2022 · 1 comment
Labels
3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working duplicate This issue or pull request already exists sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") valid

Comments

@code423n4
Copy link
Contributor

Lines of code

https://github.com/code-423n4/2022-08-rigor/blob/5ab7ea84a1516cb726421ef690af5bc41029f88f/contracts/Project.sol#L386

Vulnerability details

Impact

There are no nonces as part of the data for updating tasks in function changeOrder. It is possible that a builder and sub-contractor might agree to a price increase, followed by another price increase later by signing appropriate messages. However, the builder can replay the original message and signature reducing the price down to the first price which is lower than the final price.

Proof of Concept

  • Assume builder has no contractor but does have sub-contractors
  • Builder and sub-contractor signed message to change task 1 cost from $500 to $600
  • Later, when they realise things are going to cost more, the builder and sub-contractor sign a new message to change task 1 cost from $600 to $1000.
  • Builder replays the first signed message to reduce the cost of task 1 back down to $600
  • when setComplete is eventually called the sub-contractor only gets $600 even though a new agreement existed for $1000.

Recommended Mitigation Steps

Add a nonce field to the Task struct and make the nonce part of the changeOrder function. See below.

diff --git a/contracts/Project.sol b/contracts/Project.sol
index 4a1dcf5..ddb480c 100644
--- a/contracts/Project.sol
+++ b/contracts/Project.sol
@@ -393,8 +393,9 @@ contract Project is
             uint256 _taskID,
             address _newSC,
             uint256 _newCost,
+            uint256 _nonce,
             address _project
-        ) = abi.decode(_data, (uint256, address, uint256, address));
+        ) = abi.decode(_data, (uint256, address, uint256, uint256, address));

         // If the sender is disputes contract, then do not check for signatures.
         if (_msgSender() != disputes) {
@@ -404,6 +405,8 @@ contract Project is

         // Revert if decoded project address does not match this contract. Indicating incorrect _data.
         require(_project == address(this), "Project::!projectAddress");
+        require(_nonce == tasks[_taskID].nonce,"Project::!nonce");
+        tasks[_taskID].nonce = tasks[_taskID].nonce + 1;

diff --git a/contracts/libraries/Tasks.sol b/contracts/libraries/Tasks.sol
index a7b4815..d186beb 100644
--- a/contracts/libraries/Tasks.sol
+++ b/contracts/libraries/Tasks.sol
@@ -13,6 +13,7 @@ struct Task {
     address subcontractor; // Subcontractor of task
     // Lifecycle //
     TaskStatus state; // Status of task
+    uint256 nonce; // Nonce used for changing orders
     mapping(uint256 => bool) alerts; // Alerts of task
 }
@code423n4 code423n4 added 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value bug Something isn't working labels Aug 6, 2022
code423n4 added a commit that referenced this issue Aug 6, 2022
@code423n4
sseefried issue #162
eee4827
@parv3213 parv3213 added the sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") label Aug 17, 2022
This was referenced Aug 17, 2022
Closed
Closed
@parv3213
Copy link
Collaborator

Duplicate of #339. But good recommendation.

@jack-the-pug jack-the-pug added 3 (High Risk) Assets can be stolen/lost/compromised directly duplicate This issue or pull request already exists valid and removed 2 (Med Risk) Assets not at direct risk, but function/availability of the protocol could be impacted or leak value labels Aug 27, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working duplicate This issue or pull request already exists sponsor confirmed Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity") valid
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@parv3213 @code423n4 @jack-the-pug