Not checking the recipient address in channel closing function and updateTransfer function in NettingChannelLibrary.sol file #601
Comments
|
Hello @trivikrama619. You are absolutely correct. There should be a recipient check in the netting channel smart contract as the attacker could eavesdrop on a another channel with the same sender and use their transfer. Very nice catch! We will address very soon. |
This was referenced May 18, 2017
hackaugusto
pushed a commit
to hackaugusto/raiden
that referenced
this issue
Dec 5, 2019
The MS/PFS iterates through all available servers and join all PFS/MS rooms. If no rooms are found, it creates them. Fixes raiden-network#600, raiden-network#601.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Problem Definition
As far as I understood the smart contract code, when closing a channel between two participants, the closer submits the latest known transfer of the counterparty. nonce, transferred_amount and locksroot of the counterparty are updated by decoding the transfer message.
Shouldn't there be a check to see if the recipient of the transfer message is the closer ? I think a potential attack is possible by submitting a transfer message sent by the counterparty to some other person (just making sure that the nonce is valid and appropriate). Same thing is possible with the updateTransfer function.
Am I missing something in this logic ?
Solution
Just add another check to see if the closer is the recipient of the transfer message.
Tasklist
The text was updated successfully, but these errors were encountered: