-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
wallets may be in risk if it have different owner of the fisrt owners when the wallet was deployed #46
Comments
raymondfam marked the issue as sufficient quality report |
raymondfam marked the issue as primary issue |
Seems valid barring a secured and smooth SCW deployment on various chains for the same address. |
raymondfam marked the issue as duplicate of #68 |
3docSec marked the issue as not a duplicate |
3docSec changed the severity to QA (Quality Assurance) |
In case of loss of trust in one of the original owners, users can (and should!) create a wallet with a different address in the new chain. The code in scope makes no assumption that a given user The user privileging the UX of having the same address over the security of barring a disgraced owner would be a user mistake. |
3docSec marked the issue as grade-b |
Lines of code
https://github.com/code-423n4/2024-03-coinbase/blob/e0573369b865d47fed778de00a7b6df65ab1744e/src/SmartWallet/CoinbaseSmartWalletFactory.sol#L49
Vulnerability details
When user wants create a wallet he has to call the createAccount function in the factory, this functions is taking the owner by a salt:
[Link]
Note that user have to deploy the wallet with the same owner and nonces if they want the same address for the wallet in others chain.
The problem is that if a user changed some owners (addOwnerAddress,removeOwnerAtIndex) whether the signature have chain id or not, the user need to pass the first owners to deploy the wallet in other chains.
Consider the next scenario:
At this point the compromised owner wallet can do bad thing due he is an owner in other chain of the wallet, bad thing like stole money from the wallet, delete owners, etc
Impact
User may not be capable to create another wallet in other chain because he need the all owner of the wallet, one of this owners can be a compromised wallet who can steal funds.
Proof of Concept
As you can see below, the salt for a new wallet has to be the first owners of the wallet to get the same address:
[Link]
This can be problematic if the owners of the wallet was already changed.
Tools Used
Manual.
Recommended Mitigation Steps
The most straightforward solution if change the the way that the salt is got it instead of owner this can be some other string passed by the user.
Assessed type
Other
The text was updated successfully, but these errors were encountered: