80 - Attackers can prevent honest users from performing an instant withdraw from the Wallet contract
An attacker who sees an honest user's call to `MessageProcessor.instantWithdraw` in the mempool can take the `oracleMessage` and `oracleSignature` parameters from the user's transaction and submit their own transaction to `instantWithdraw` with the same parameters, a higher gas price (so that it front-runs the honest user's transaction), and a carefully chosen gas limit such that the internal call to `callInstantWithdraw` fails on line 785 with an out-of-gas error while the `if(!success)` block still executes successfully.

The result is that the attacker's instant withdraw fails (so the user does not receive their funds), but the `userInteractionNumber` is successfully reserved by the `ReplayTracker`. The honest user's transaction then reverts because it attempts to use a `userInteractionNumber` that is no longer valid.

Consider adding an access control mechanism to restrict who can submit `oracleMessages` on behalf of the user.
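The reserve-then-call pattern described above, next to a variant that applies the recommended access control, as an added Solidity illustration. This is not code from the audit report or from Futureswap; the `ReplayTracker`, `OracleMessage`, `IWallet` and `OracleVerifier` names, the signature layout and the digest format are all assumptions made for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.11;

// Added illustration, not Futureswap's code; every name here is hypothetical.

interface IWallet {
    function callInstantWithdraw(address user, uint256 amount) external;
}

// Marks each userInteractionNumber as used exactly once.
contract ReplayTracker {
    mapping(uint256 => bool) public used;

    function reserve(uint256 userInteractionNumber) external {
        require(!used[userInteractionNumber], "number already used");
        used[userInteractionNumber] = true;
    }
}

struct OracleMessage {
    address user;
    uint256 amount;
    uint256 userInteractionNumber;
}

// Shared oracle-signature check: ecrecover over a 65-byte r||s||v signature.
// A production version would also bind the digest to chain id and contract
// address and reject high-s signatures; omitted here to keep the focus on ordering.
abstract contract OracleVerifier {
    address public immutable oracle;

    constructor(address oracle_) { oracle = oracle_; }

    function _verify(OracleMessage calldata m, bytes calldata sig) internal view {
        require(sig.length == 65, "bad signature length");
        bytes32 r = bytes32(sig[0:32]);
        bytes32 s = bytes32(sig[32:64]);
        uint8 v = uint8(sig[64]);
        bytes32 digest = keccak256(abi.encode(m.user, m.amount, m.userInteractionNumber));
        require(ecrecover(digest, v, r, s) == oracle, "bad oracle signature");
    }
}

// The pattern from the finding: any caller may submit the signed pair, and the
// interaction number is consumed even when the inner call fails.
contract VulnerableProcessor is OracleVerifier {
    ReplayTracker public immutable tracker;
    IWallet public immutable wallet;

    event WithdrawFailed(uint256 userInteractionNumber);

    constructor(address oracle_, ReplayTracker t, IWallet w) OracleVerifier(oracle_) {
        tracker = t;
        wallet = w;
    }

    function instantWithdraw(OracleMessage calldata m, bytes calldata sig) external {
        _verify(m, sig);
        tracker.reserve(m.userInteractionNumber);          // burned before the call
        (bool success, ) = address(wallet).call(
            abi.encodeCall(IWallet.callInstantWithdraw, (m.user, m.amount))
        );
        if (!success) {
            // Failure (including out-of-gas inside the callee) is swallowed, so
            // the reservation stands and m.user can never replay this message.
            emit WithdrawFailed(m.userInteractionNumber);
        }
    }
}

// Hardened variant: only the user named in the message may submit it (the
// access-control measure the finding recommends). As an additional choice made
// for this example, the inner call must succeed, so a failing attempt reverts
// and rolls back the reservation instead of consuming the number.
contract HardenedProcessor is OracleVerifier {
    ReplayTracker public immutable tracker;
    IWallet public immutable wallet;

    constructor(address oracle_, ReplayTracker t, IWallet w) OracleVerifier(oracle_) {
        tracker = t;
        wallet = w;
    }

    function instantWithdraw(OracleMessage calldata m, bytes calldata sig) external {
        require(msg.sender == m.user, "only the message owner may submit");
        _verify(m, sig);
        tracker.reserve(m.userInteractionNumber);
        wallet.callInstantWithdraw(m.user, m.amount);      // reverts on failure
    }
}
```

The two contracts differ only in the `msg.sender` check and in whether a failed inner call is swallowed or propagated. With the vulnerable ordering, the only state change that survives a failed attempt is the reservation in `ReplayTracker`, which is exactly what makes a failed submission by a third party a denial of service against the legitimate signer; the `require(msg.sender == m.user)` check removes the third party from the picture, and propagating the revert means a failed attempt by the user themselves leaves the number reusable.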
- OpenZeppelin Audit Futureswap V2 Finding H01
- Timing/DoS
- High Severity
- Front-running
- Prevent Instant Withdraw
- Access Control
- Submit oracleMessages
- Youtube Reference
- High Risk severity finding from OpenZeppelin’s Audit of Futureswap V2