Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Low] XDM - Delay in XDM message execution allows opportunistic attacks on src/dst chain #2806

Open
mmostafas opened this issue May 30, 2024 · 0 comments
Open

[Low] XDM - Delay in XDM message execution allows opportunistic attacks on src/dst chain #2806

mmostafas opened this issue May 30, 2024 · 0 comments
Labels
audit Audit results

Comments

@mmostafas
Copy link

Issue Description

An XDM message is not executed on the destination chain (dst_chain) until the domain block of the source chain (src_chain_id) containing the originating extrinsic is out of the challenge period or has reached archiving depth. This delay allows a malicious actors to exploit the pending status of the XDM message to leverage different types of attacks.

Risk

The delay in executing XDM messages can lead to opportunistic attacks such as front-running.

Mitigation

As we do not see an immediate solution for these issues, we recommend raising awareness about the presence of such threats in the ecosystem to better protect users.
@vanhauser-thc vanhauser-thc added the audit Audit results label May 30, 2024
@vedhavyas vedhavyas self-assigned this Jun 10, 2024
@vedhavyas vedhavyas removed their assignment Aug 15, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
audit Audit results
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@vanhauser-thc @vedhavyas @mmostafas