Cross-Chain Transfer Risks may lead to token loss in the smart contracts #12

Open
0xM3R opened this issue Dec 11, 2024 · 1 comment

0xM3R commented Dec 11, 2024

Vulnerability Details

The transferCrossChain function burns tokens before confirming their successful minting on the destination chain. This approach risks permanent token loss if the cross-chain operation fails.

Analysis

The vulnerable implementation:

_burn(tokenId);
bytes memory message = abi.encode(destination, receiver, tokenId, uri, msg.sender);
gateway.depositAndCall{value: msg.value}(universal, message, RevertOptions(...));
  • Tokens are burned unconditionally before confirmation.
  • If the cross-chain transfer fails, the token cannot be recovered without external intervention.

How It Can Be Harmful

  • Token Loss: Users permanently lose tokens in case of cross-chain failures.
  • Operational Risks: Dependency on external gateway contracts introduces single points of failure.

PoC Code

Attempt a cross-chain transfer to an invalid destination address and observe the behavior:

transferCrossChain(tokenId, invalidReceiver, invalidDestination);
  • Tokens will be burned, but minting on the destination chain will not occur.

How to Mitigate the Issue

  1. Implement a Locking Mechanism:
    Instead of burning tokens immediately, lock them until the cross-chain transfer is confirmed.
    lockedTokens[tokenId] = true;
  2. Atomic Operations:
    Ensure that burning occurs only after successful confirmation of minting on the destination chain.

0xM3R changed the title from "Cross-Chain Transfer Risks may lead to token loss" to "Cross-Chain Transfer Risks may lead to token loss in UninversalNFT contract" on Dec 11, 2024
0xM3R changed the title from "Cross-Chain Transfer Risks may lead to token loss in UninversalNFT contract" to "Cross-Chain Transfer Risks may lead to token loss" on Dec 11, 2024
0xM3R changed the title from "Cross-Chain Transfer Risks may lead to token loss" to "Cross-Chain Transfer Risks may lead to token loss in the smart contracts" on Dec 11, 2024

0xM3R commented Dec 11, 2024

The same flawed logic has been implemented in the UniversalToken.sol as well.

The vulnerable implementation:

_burn(msg.sender, amount);

bytes memory message = abi.encode(
    destination,
    receiver,
    amount,
    msg.sender
);
if (destination == address(0)) {
    gateway.call(
        universal,
        message,
        RevertOptions(address(this), false, address(0), message, 0)
    );
} else {
    gateway.depositAndCall{value: msg.value}(
        universal,
        message,
        RevertOptions(
            address(this),
            true,
            address(0),
            abi.encode(amount, msg.sender),
            gasLimitAmount
        )
    );
}
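
The lock-then-burn mitigation proposed in the issue, as an added example that is not part of the thread or the project's code. It uses escrow (the contract holds the token) in place of the `lockedTokens` flag, and assumes OpenZeppelin's ERC721 (v5) and a hypothetical `IBridge` with `onDelivered`/`onFailed` callbacks rather than the gateway API quoted above.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {ERC721} from "@openzeppelin/contracts/token/ERC721/ERC721.sol";

// Hypothetical messaging interface, standing in for the gateway call in the issue.
interface IBridge {
    function send(bytes calldata message) external payable;
}

contract EscrowedTransferNFT is ERC721 {
    IBridge public immutable bridge;
    // tokenId => owner who started a transfer that has not resolved yet
    mapping(uint256 => address) public pendingOwner;

    error NotBridge();
    error NotPending(uint256 tokenId);

    constructor(IBridge bridge_) ERC721("Example", "EX") {
        bridge = bridge_;
    }

    modifier onlyBridge() {
        if (msg.sender != address(bridge)) revert NotBridge();
        _;
    }

    function transferCrossChain(uint256 tokenId, address receiver, address destination) external payable {
        // Lock instead of burn: escrow the token here. Reverts unless msg.sender owns it.
        _transfer(msg.sender, address(this), tokenId);
        pendingOwner[tokenId] = msg.sender;
        bridge.send{value: msg.value}(abi.encode(destination, receiver, tokenId, tokenURI(tokenId), msg.sender));
    }

    // Destination mint confirmed: only now is the source token destroyed.
    function onDelivered(uint256 tokenId) external onlyBridge {
        if (pendingOwner[tokenId] == address(0)) revert NotPending(tokenId);
        delete pendingOwner[tokenId];
        _burn(tokenId);
    }

    // Delivery failed or reverted: release the token to its original owner.
    function onFailed(uint256 tokenId) external onlyBridge {
        address original = pendingOwner[tokenId];
        if (original == address(0)) revert NotPending(tokenId);
        delete pendingOwner[tokenId];
        _transfer(address(this), original, tokenId);
    }
}
```

A message that never resolves leaves the token in escrow, where it can still be released, instead of destroyed.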

0xM3R added the Security label Dec 11, 2024
0xM3R transferred this issue from zeta-chain/smart-contract-vulns Dec 17, 2024