Assessment reportsPublic findings
Back to Zellic site
Assessment reports>Hyperlane Starknet>Medium findings>Message can be sent multiple times to an untrusted recipient
GeneralOverview
Findings
Critical (5)
High (4)
Medium (5)Modules cannot be removed from routing ISMRouting ISM with the fallback configuration does not show fallback behaviorOwner address is not initializedIncorrect size for fetching branches of the Merkle treeMessage can be sent multiple times to an untrusted recipient
Low (5)
Informational (2)
DiscussionSame message can be inserted into the Merkle tree hook multiple timesNonce may overflow
Threat ModelMessage
Audit ResultsAssessment Results
Category: Coding Mistakes

Message can be sent multiple times to an untrusted recipient

Medium Severity
Low Impact
Low Likelihood

Description

The process function in the Mailbox contract is vulnerable to reentrancy through the interchain_security_module function, potentially allowing the same message to be sent multiple times.

Impact

We do not believe this poses a serious security risk because it is unlikely that the interchain_security_module function is implemented in a way triggering the reentrancy. We believe this finding can be only applied for the recipient that is actively exploiting this behavior; however, it does not pose a considerable security risk because a malicious recipient may just allow to receive any unchecked messages.

Nonetheless, we would recommend removing this behavior by recording the history of delivery before any external interactions (i.e., invoking the interchain_security_module, verify, and handle functions).

Recommendations

Consider recording the history of delivery before any external interactions.

Remediation

This issue has been acknowledged by Pragma, and a fix was implemented in commit 6ec78842.

Zellic © 2025Back to top ↑