Category: Coding Mistakes

Insufficient error handling in gas deduction for failed transactions

Medium Severity
Medium Impact
Medium Likelihood

Description

In both processFailedEncryptedTx and decryptAndExecuteTx, there is insufficient error handling when deducting gas fees from an account with an insufficient balance.

  1. When a transaction fails validation, processFailedEncryptedTx is triggered to account for gas used in operations like decryption. The function calls handleGasConsumption to deduct additional gas used from the account balance. However, if the account lacks sufficient funds, only an error log is created without further action.

am.handleGasConsumption(ctx, creatorAddr, cosmosmath.NewIntFromUint64(actualGasConsumed), tx.ChargedGas)
...
func (am AppModule) handleGasConsumption(ctx sdk.Context, recipient sdk.AccAddress, gasUsed cosmosmath.Int, gasCharged *sdk.Coin) {
	creatorAccount := am.accountKeeper.GetAccount(ctx, recipient)
    ...
	if gasUsed.GT(gasCharged.Amount) {
		deductFeeErr := ante.DeductFees(
			am.bankKeeper,
			ctx,
			creatorAccount,
			sdk.NewCoins(
				sdk.NewCoin(
					gasCharged.Denom,
					gasUsed.Sub(gasCharged.Amount)),
			),
		)
		if deductFeeErr != nil {
			am.keeper.Logger().Error("deduct failed tx fee error")
			am.keeper.Logger().Error(deductFeeErr.Error())
		} else {
			am.keeper.Logger().Info("failed tx fee deducted without error")
		}
	}

  2. Similarly, decryptAndExecuteTx deducts gas fees using ante.DeductFees, but it only logs an error if the deduction fails, without additional measures.

if refundAmount.IsZero() {
    deductFeeErr := ante.DeductFees(am.bankKeeper, ctx, creatorAccount, sdk.NewCoins(usedGasFee))
    if deductFeeErr != nil {
        am.keeper.Logger().Error("Deduct fee Err")
        am.keeper.Logger().Error(deductFeeErr.Error())
    } else {
        am.keeper.Logger().Info("Fee deducted without error")
    }
}

In both functions, a deduction that fails because the account lacks sufficient funds is only logged and no further action is taken, allowing potential abuse.

Impact

This insufficient error handling could allow users to consume gas resources without deductions if they lack funds. For example, users could repeatedly submit failing transactions, triggering these functions to consume gas but bypass gas fees. This behavior could waste network resources and allow abuse, as malicious users could exploit this to submit numerous failed transactions without incurring the intended gas charges.

Recommendations

To prevent abuse and ensure proper resource utilization, consider implementing additional handling in both processFailedEncryptedTx and decryptAndExecuteTx to address failed gas deductions due to insufficient funds.

We suggest charging the user min(user balance, remaining gas) instead of only logging the error. This ensures that users are still charged to the extent possible, even if their balance is insufficient to cover the full gas cost.

Additionally, consider implementing a fallback mechanism to halt further processing of transactions if gas deductions cannot be fully covered due to low balance.
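
A minimal model of the two recommendations above, added here as an illustration; it is not Fairyring's code and not the fix from the PRs. Ledger, QueuedTx, ChargeUpTo and Settle are hypothetical names, a plain map stands in for the bank keeper, and the balances are constructed.

```go
package main

import "fmt"

// Ledger is a constructed stand-in for the bank keeper: address -> fee-denom balance.
type Ledger map[string]uint64

// ChargeUpTo deducts min(balance, owed) from addr and reports what was
// collected and what remains unpaid, instead of only logging the failure.
func (l Ledger) ChargeUpTo(addr string, owed uint64) (charged, shortfall uint64) {
	charged = owed
	if bal := l[addr]; bal < owed {
		charged = bal
	}
	l[addr] -= charged
	return charged, owed - charged
}

// QueuedTx models one encrypted tx awaiting execution (hypothetical type).
type QueuedTx struct {
	Creator    string
	GasUsed    uint64 // gas actually consumed by decryption/execution
	GasCharged uint64 // amount already prepaid at submission
}

// Settle charges the gas used beyond the prepaid amount. Once a creator has a
// shortfall, their later queued txs are skipped and returned by index.
func Settle(l Ledger, queue []QueuedTx) (collected uint64, skipped []int) {
	blocked := map[string]bool{}
	for i, tx := range queue {
		if blocked[tx.Creator] {
			skipped = append(skipped, i)
			continue
		}
		if tx.GasUsed <= tx.GasCharged {
			continue // nothing extra owed
		}
		charged, shortfall := l.ChargeUpTo(tx.Creator, tx.GasUsed-tx.GasCharged)
		collected += charged
		blocked[tx.Creator] = shortfall > 0 // fallback: halt this creator's remaining txs
	}
	return collected, skipped
}

func main() {
	l := Ledger{"alice": 50, "bob": 1000} // constructed balances
	fmt.Println(Settle(l, []QueuedTx{{"alice", 100, 20}, {"alice", 100, 20}, {"bob", 100, 20}}))
}
```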

Remediation

This issue has been acknowledged by Fairblock Inc., and a fix was implemented in PR 236 and PR 237. The fixes were merged in commit .

Zellic © 2025