-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cross Chain Replayability will be broken for Smart Accounts using MagicSpend.sol
as their PayMaster.
#98
Comments
raymondfam marked the issue as sufficient quality report |
raymondfam marked the issue as primary issue |
Replayability would break indeed. |
This is correct. A replayable transaction with a paymasterAndData field would need to ensure that this is valid across all chains. This is not specific to Magic Spend and not something we plan to mitigate. |
wilsoncusack marked the issue as disagree with severity |
wilsoncusack (sponsor) acknowledged |
To be fair, I don't have enough information to evaluate the probability of rejection (that is, how many users request MagicSpend to sponsor replayable UserOperations over those who don't). In doubt, I consider this a valid Medium, because the claim is right and well-argued. |
3docSec marked the issue as satisfactory |
I think it is up to wallet clients to know the limitations of using paymasters with replayable transactions. This is not something we were trying to solve for. |
3docSec changed the severity to QA (Quality Assurance) |
3docSec marked the issue as grade-a |
Hi @3docSec Firstly this issue has been reviewed and has been deemed of medium severity by the 2 reputable Judges and even the sponsor namely However, with it not tallying to hypothetical plans, the sponsor currently disagreed with the severity which is fairly understandable but notwithstanding the issue still stands as valid as per code4rena issue categorization and the fix is good, based on the Readme, the documentation and the codebase given to the wardens as at the time of the contest.
However, the argument we pose here concerns the severity of the issue, as after analyzing the code4rena severity categorization we have seen that this issue falls under the high severity label because:
The Report fulfills the above as:
Here you can see that this report highlights two separate issues concerning cross-chain replayability:
With the following reasons, we believe that this report is qualified for the high severity label. We request this issue be reevaluated, and considered with sensitivity to be fair to the wardens who submitted the issue, by the honorable Judge. |
Hi, next time, please use 2 reports to report two findings (replayable messages can't be replayed when sponsored via MagicSpend / replayed transactions sponsored via MagicSpend double-spend the sponsored amounts). Putting these 2 root causes together actually explains why the sponsor does not want to allow replaying MagicSpend sponsored transactions. It makes perfect sense: if they allowed it, they would have suffered the high-impact finding. To summarize, the high impact is not valid because MagicSpend-sponsored transactions are not replay-able, and the med impact of them not being replay-able is therefore not a bug but the way the sponsor took to avoid the high impact. QA stands still here, I am now more confident of it 😅; speaking of, I had another judge confirm the downgrade to QA and they agreed with the choice. |
hello, Good morning @3docSec
But we think there is confusion here,
The cross-chain replayable feature was included in the docs, and also other bugs have been found around this feature in other reports that have already been deemed valid, The documentation and the code highlight the plans to use this feature. It is stated that the only source of truth to a contest is the code and the documentation/readme, all these include this in them, and not anything said after a contest
you said a high finding is not valid, however, the magic spend is the main core of the protocol on which they intend to launch on all chains, and it is used as paymaster for the users of the coin base protocol, every user ops depends on it as the paymaster however including it in the user ops will DOS their transaction to replay on all chains which as per c4 history is a valid medium at least, then you said the sponsor don't plan to use it on user based transaction but such was seen as to the understanding of the documentation, please reevaluate this finding sir. |
However, the decision to downgrade by another Judge doesn't seem to align with the ideas behind this finding, as you previous stated it was a valid medium because you had a full context of the protocol at hand and you understood the issue at hand, another other eye might not grasp the entirety of the issue we've submitted. |
You can rest assured, the finding is definitely not overlooked. Funds are safe precisely because a MagicSpend approval can't be reused cross-chain, and your report helped prove it. |
Isn't that the bug, as per the expected functionality? In the documentation this should be allowed(as it is a functionality of the protocol) but the report proves otherwise, the functionality here is broken. |
The functionality is the reason why #114 is valid, but here we have shown that this functionality is broken due to the magic spend which is the core engine to the protocol and every user operation. |
The sponsor made it very clear that You are free to source documentation that explicitly says otherwise, and we'll let the sponsors know they might want to fix the doc. |
The magic spend is the one that funds the user ops to be replayed on different chains permissionlessly |
Please @3docSec |
ERC-4337 EntryPoint tx do not require a paymaster. |
hi @McCoady |
The point here is exempting the use of the magic spend, which in its absence the SCW would be like any other AA, but this protocol intends to make life easier for the user via the use of magic spend, but when used the replayability is DOSed |
The sponsor contradicted this statement with their comment:
You made your point @shealtielanz , repeating it multiple times without new evidence won't make it more convincing; considering that you've been already warned you may want to review carefully the backstage guidelines. |
Lines of code
https://github.com/code-423n4/2024-03-coinbase/blob/e0573369b865d47fed778de00a7b6df65ab1744e/src/MagicSpend/MagicSpend.sol#L284
Vulnerability details
Impact
SCW Allows for Cross-chain replayability where users can replay a single user operation on all chains as per the ReadMe:
The issue is seen in MagicSpend.sol, cause while this is implemented correctly in the SCW Account by excluding the
chainID
from thehash
of the message to be validated:The functionality is still broken with the use of MagicSpend.sol as the paymaster, this is because the
hash
of the message to be signed by owner() contains thechainID
:Let me break this down:
Let's follow the steps to run down the User Ops origin:
Severity Guide
Also, I would like to add one more thing concerning why this cross-chain replayability is broken
An Issue arises as Users are deducted from their coin-base account the withdrawn amount needed for gas fees, however not knowing the number of chains the user will execute this transaction will lead to an issue.
Let's take these steps to understand:
The user requests $30 for the withdrawal amount to be used as the gas cost of the user ops.
coin-base deducts this balance from the user and gives them a WithdrawRequest to use $30 worth of ETH.
Now remember the user intends on using this user ops on multiple chains.
Supposing all chains require the same gas cost and the user executes this User operation on 5 chains permissionlessly.
The total amount the user used of the different paymasters on different chains would be about $150 worth of ETH.
Meanwhile, the user was only deducted $30 from his coin-base account Grieving the paymaster(MagicSpend.sol).
Tools Used
Manual analysis.
Recommended Mitigation Steps
OR
Assessed type
Invalid Validation
The text was updated successfully, but these errors were encountered: