Assessment reports>Astria Bridge>High findings>Arbitrary withdrawal could be executed by bridge admin
Category: Coding Mistakes

Arbitrary withdrawal could be executed by bridge admin

High Severity
Medium Impact
Low Likelihood

Description

In astria-bridge-withdrawer, bridge address and withdrawer address have permission to withdraw assets from the bridge.

For protocol design, astria-bridge-withdrawer is responsible for monitoring the bridge contract's event log from rollup and submitting the withdrawal action to the sequencer using private keys of the bridge address and withdrawer address.

However, bridge address and withdrawer address could execute a transaction directly in the sequencer without a transaction in rollup. This means that it is possible to access the assets of the sequencer without the burning process of rollup assets.

Impact

If the private key of the bridge address or withdrawer address is compromised, an attacker could unlock and withdraw assets from the bridge using direct execution. This may lead to a loss of user funds.

Recommendations

Ensure that the private keys of the bridge address and withdrawer address are securely stored and the users should be aware of and accept this risk.

Remediation

Zellic © 2025Back to top ↑