fix: M-05 Griefing Attacks Are Possible in ZK Adapters #742

Draft: wants to merge 2 commits into master

bmzig (Contributor) commented Nov 11, 2024

The _computeETHTxCost function of the ZkStack_Adapter contract is used to estimate transactions' cost on L2. Whenever a message is sent from L1 to L2, this estimated transaction cost is transferred out of the HubPool to the native L1 inbox. Any excess value is supposed to be refunded to the L2_REFUND_ADDRESS on L2, which is expected to be an address under the control of the Across team. However, tx.gasprice, which is used for transaction cost estimation, is a parameter that can be manipulated by the initiator of the transaction. This opens up an attack vector whereby a malicious user can inflate the tx.gasprice in order to transfer ETH from the HubPool to an L2 network.

In order to perform the attack, the attacker could invoke the executeRootBundle function of the HubPool, causing the HubPool to call the relayMessage function of the adapter. Since tx.gasprice is directly used for the required gas fee calculation, the attacker can set it to a value for which the estimated fee will be equal to the entire HubPool's ETH balance. HubPool will then transfer the ETH to L2. A similar attack could be used in order to transfer a custom gas token from the HubPool using the ZkStack_CustomGasToken_Adapter contract.

While it is normally very expensive for an attacker to inflate the tx.gasprice parameter for the entire transaction (as they have to cover the gas fee), they can receive back almost the entire invested ETH amount if they are a validator for the block in which the attack is executed.

Consider limiting the maximum tx.gasprice which can be used for gas fee calculation inside the _computeETHTxCost and the _pullCustomGas functions.

This PR creates a new private immutable variable in the zk stack adapters, MAX_TX_GASPRICE, which causes transactions in this adapter to revert when tx.gasprice > MAX_TX_GASPRICE. This should be set to an appropriately high value in the constructor, and motivation for adding this is added in a comment above MAX_TX_GASPRICE.
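The guard described in this PR, sketched as an added example that is not part of the PR or the project's code: an immutable cap checked before tx.gasprice enters the fee estimate, which also gives a fixed upper bound on the value a single message can move. Only MAX_TX_GASPRICE is a name from the PR; the contract, error and function names are hypothetical, and the linear fee formula is an assumed stand-in for the adapter's real L2 cost estimate.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.4;

// Illustrative sketch only. Names other than MAX_TX_GASPRICE are hypothetical,
// and `gasPrice * l2GasLimit` is an assumed simplification of the cost estimate.
abstract contract GasPriceCappedAdapter {
    // Highest tx.gasprice accepted for fee estimation. tx.gasprice is chosen by
    // the transaction sender, so without a cap the estimated fee (and the value
    // pulled from the pool to pay it) is sender-controlled.
    uint256 private immutable MAX_TX_GASPRICE;

    error GasPriceTooHigh(uint256 gasPrice, uint256 maxGasPrice);

    constructor(uint256 maxTxGasprice) {
        // Set high enough to cover legitimate fee spikes, low enough that the
        // worst-case fee below is an acceptable loss per message.
        MAX_TX_GASPRICE = maxTxGasprice;
    }

    // Fee estimate with the cap enforced: revert rather than silently clamp,
    // so a message is never funded from a sender-inflated price.
    function _estimateTxCost(uint256 l2GasLimit) internal view returns (uint256) {
        if (tx.gasprice > MAX_TX_GASPRICE) {
            revert GasPriceTooHigh(tx.gasprice, MAX_TX_GASPRICE);
        }
        return tx.gasprice * l2GasLimit;
    }

    // Upper bound on the value one message can move under the assumed formula.
    // Useful when choosing the constructor argument and for monitoring.
    function maxCostPerMessage(uint256 l2GasLimit) public view returns (uint256) {
        return MAX_TX_GASPRICE * l2GasLimit;
    }
}
```

With the cap in place, the largest fee a single message can pull is fixed at deployment instead of scaling with whatever gas price the caller sets.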
