Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Return value of transfer and transferFrom not checked in DualVmToken contract #42

Closed
c4-bot-4 opened this issue Oct 25, 2024 · 5 comments
Closed

Return value of transfer and transferFrom not checked in DualVmToken contract #42

c4-bot-4 opened this issue Oct 25, 2024 · 5 comments
Labels
3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working duplicate-51 🤖_primary AI based primary recommendation 🤖_23_group AI based duplicate group recommendation sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue sufficient quality report This report is of sufficient quality unsatisfactory does not satisfy C4 submission criteria; not eligible for awards

Comments

@c4-bot-4
Copy link
Contributor

Lines of code

https://github.com/kkrt-labs/kakarot/blob/7411a5520e8a00be6f5243a50c160e66ad285563/solidity_contracts/src/CairoPrecompiles/DualVmToken.sol#L269
https://github.com/kkrt-labs/kakarot/blob/7411a5520e8a00be6f5243a50c160e66ad285563/solidity_contracts/src/CairoPrecompiles/DualVmToken.sol#L353

Vulnerability details

Impact

As per the ERC20 token behaviors in scope, Doesn't revert on failure In scope is a behavior that is in scope. This behavior is related to this issue.

The transfer and transferFrom functions in the DualVmToken contract do not check the return value of the function of the ERC20 contract. This can lead to a situation where the transfer or transferFrom function of the ERC20 contract ( on starknet ) fails, but the transfer or transferFrom function of the DualVmToken contract still returns true. This can lead to a situation where the DualVmToken contract is in an inconsistent state.

For reference, _transfer function is as follows:

function _transfer(uint256 to, uint256 amount) private {
    if (to >= STARKNET_FIELD_PRIME) {
        revert InvalidStarknetAddress();
    }
    // Split amount in [low, high]
    uint128 amountLow = uint128(amount);
    uint128 amountHigh = uint128(amount >> 128);

    uint256[] memory transferCallData = new uint256[](3);
    transferCallData[0] = to;
    transferCallData[1] = uint256(amountLow);
    transferCallData[2] = uint256(amountHigh);

    starknetToken.delegatecallCairo("transfer", transferCallData);
}

The transferFrom function is as follows:

function _transferFrom(uint256 from, uint256 to, uint256 amount) private {
    if (from >= STARKNET_FIELD_PRIME || to >= STARKNET_FIELD_PRIME) {
        revert InvalidStarknetAddress();
    }
    // Split amount in [low, high]
    uint128 amountLow = uint128(amount);
    uint128 amountHigh = uint128(amount >> 128);

    uint256[] memory transferFromCallData = new uint256[](4);
    transferFromCallData[0] = from;
    transferFromCallData[1] = to;
    transferFromCallData[2] = uint256(amountLow);
    transferFromCallData[3] = uint256(amountHigh);

    starknetToken.delegatecallCairo("transfer_from", transferFromCallData);
}

It can be seen that both these functions doesn't check the return value of the starknetToken.delegatecallCairo function.

Proof of Concept

Consider the following scenario:

  1. The transfer function of the ERC20 contract ( on starknet ) doesn't revert but returns false when the transfer fails.
  2. The DualVmToken contract calls the transfer function of the ERC20 contract.
  3. The DualVmToken contract doesn't check the return value of the transfer function of the ERC20 contract.
  4. The transfer function of the ERC20 contract fails but the DualVmToken contract still returns true.

Tools Used

Manual code review

Recommended Mitigation Steps

The return value of the starknetToken.delegatecallCairo function should be checked in the _transfer and _transferFrom functions of the DualVmToken contract to ensure that the DualVmToken contract is in a consistent state.

Assessed type

ERC20
@c4-bot-4 c4-bot-4 added 3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working labels Oct 25, 2024
c4-bot-6 added a commit that referenced this issue Oct 25, 2024
@c4-bot-6
ahmedaghadi issue #42
1d4b359
@c4-bot-11 c4-bot-11 added 🤖_23_group AI based duplicate group recommendation 🤖_primary AI based primary recommendation labels Oct 25, 2024
@howlbot-integration howlbot-integration bot added sufficient quality report This report is of sufficient quality duplicate-51 labels Oct 28, 2024
@ClementWalter
Copy link

Severity: Informative

Comment: All ERC20 cairo returns always true but it is true it could be checked in case the implementation is changed.

dup 51 closed by bot

@ClementWalter ClementWalter added the sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue label Nov 4, 2024
@c4-judge
Copy link
Contributor

c4-judge commented Nov 8, 2024

dmvt marked the issue as unsatisfactory:
Overinflated severity

@c4-judge c4-judge added the unsatisfactory does not satisfy C4 submission criteria; not eligible for awards label Nov 8, 2024
@dmvt
Copy link

dmvt commented Nov 8, 2024

https://docs.code4rena.com/awarding/judging-criteria/supreme-court-decisions-fall-2023#verdict-unsupported-fee-on-transfer-tokens-and-broader-erc20-discussion

@Ahmed-Aghadi
Copy link

Doesn't revert on failure is marked as In scope in the contest page. Shouldn't then vulnerability related to that be considered as an issue? Because they didn't mentioned which ERC20 they would be using whereas any ERC20 which doesn't revert on failure will have "an actual threat to the functionality of the protocol or funds". So as per the docs which you've shared, it is indeed an issue.

@dmvt
Copy link

dmvt commented Nov 12, 2024

Ruling stands per established C4 rules. Since Analysis is no longer a thing, this should have been low at best. You submitted it as high.

@obatirou obatirou mentioned this issue Nov 18, 2024
Merged
ClementWalter added a commit to kkrt-labs/kakarot that referenced this issue Nov 20, 2024
@enitrat @ClementWalter
[KGA-26] [KGA-17] feat: add checks on Starknet return values for Dual…
9b4a593 
…VMToken (#1616)

code-423n4/2024-09-kakarot-findings#51
code-423n4/2024-09-kakarot-findings#42

Checks the return value for DualVMToken. If the SN call returned false,
panicking the EVM call will make the starknet tx revert as a side
effect.

---------

Co-authored-by: Clément Walter <clement0walter@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
3 (High Risk) Assets can be stolen/lost/compromised directly bug Something isn't working duplicate-51 🤖_primary AI based primary recommendation 🤖_23_group AI based duplicate group recommendation sponsor disputed Sponsor cannot duplicate the issue, or otherwise disagrees this is an issue sufficient quality report This report is of sufficient quality unsatisfactory does not satisfy C4 submission criteria; not eligible for awards
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
6 participants
@dmvt @ClementWalter @Ahmed-Aghadi @c4-judge @c4-bot-4 @c4-bot-11