Some signatures do not use nonces
Description
Signatures need to be unique in order to prevent replay attacks. This uniqueness is usually achieved through the use of nonces: monotonically increasing values that are included in the signed data and checked against the last accepted value, so that a signature that has already been consumed is rejected on resubmission.
In the case of the Signature contract, some of the functions that verify signatures do not use nonces. This means that the signatures they verify can be replayed. The following functions do not use nonces:
perpUploadEncodeHashVerify
eventsUploadEncodeHashVerify
marketUploadEncodeHashVerify
Impact
As the signatures can be replayed, the same signed action could be submitted and performed multiple times, whether accidentally or through resubmission of a previously valid signature. This could lead to undesired behavior for the protocol as a whole. The likelihood of this issue is low, as the signatures are not consumed by public functions but rather by functions used by privileged entities in the system.
Recommendations
We recommend incorporating nonces into the signatures to prevent replay attacks.
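The following contract is an added illustration of the recommendation and is not the Orderly Network Signature contract or any of its code. It shows the same EIP-712-style upload verification written twice: once with nothing in the signed struct that changes between submissions (so a captured signature is accepted again and again), and once with a nonce that is part of the signed data, is required to equal the next expected value, and is consumed on success. The struct layout, type strings, domain name, error names and the `nextNonce` mapping are assumptions made for this example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added example (not the audited Signature contract): a replayable verifier
/// next to a nonce-protected one. All names and struct fields are assumed.
contract UploadVerifier {
    error InvalidSignature();
    error NonceNotMatch(uint64 expected, uint64 got);

    /// Assumed upload struct; `payload` is a constructed stand-in for the body.
    struct Upload {
        uint64 nonce;
        bytes32 payload;
    }

    bytes32 private constant UPLOAD_TYPEHASH =
        keccak256("Upload(uint64 nonce,bytes32 payload)");
    bytes32 private constant NO_NONCE_TYPEHASH =
        keccak256("UploadNoNonce(bytes32 payload)");

    bytes32 public immutable DOMAIN_SEPARATOR;
    address public immutable trustedSigner;

    /// Next nonce expected from each signer; consumed on every accepted upload.
    mapping(address => uint64) public nextNonce;

    constructor(address signer) {
        trustedSigner = signer;
        DOMAIN_SEPARATOR = keccak256(abi.encode(
            keccak256("EIP712Domain(string name,uint256 chainId,address verifyingContract)"),
            keccak256("UploadVerifier"),
            block.chainid,
            address(this)
        ));
    }

    function _digest(bytes32 structHash) internal view returns (bytes32) {
        return keccak256(abi.encodePacked("\x19\x01", DOMAIN_SEPARATOR, structHash));
    }

    function _recover(bytes32 digest, uint8 v, bytes32 r, bytes32 s)
        internal pure returns (address)
    {
        // Reject the high-s form of the signature so each message has one
        // canonical encoding (secp256k1 order / 2).
        if (uint256(s) > 0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0) {
            revert InvalidSignature();
        }
        address recovered = ecrecover(digest, v, r, s);
        if (recovered == address(0)) revert InvalidSignature();
        return recovered;
    }

    /// Replayable: the digest depends only on the payload, so a valid
    /// (payload, signature) pair passes every time it is resubmitted.
    function verifyWithoutNonce(bytes32 payload, uint8 v, bytes32 r, bytes32 s)
        external view returns (bool)
    {
        bytes32 digest = _digest(keccak256(abi.encode(NO_NONCE_TYPEHASH, payload)));
        return _recover(digest, v, r, s) == trustedSigner;
    }

    /// Replay-safe: the nonce is inside the signed struct, must be exactly the
    /// next expected value, and is advanced once the signature checks out.
    function verifyWithNonce(Upload calldata u, uint8 v, bytes32 r, bytes32 s) external {
        uint64 expected = nextNonce[trustedSigner];
        if (u.nonce != expected) revert NonceNotMatch(expected, u.nonce);
        bytes32 digest = _digest(keccak256(abi.encode(UPLOAD_TYPEHASH, u.nonce, u.payload)));
        if (_recover(digest, v, r, s) != trustedSigner) revert InvalidSignature();
        nextNonce[trustedSigner] = expected + 1;
    }
}
```

The nonce check runs before the signature recovery so that a stale or duplicated upload fails cheaply, and the counter is only advanced after recovery succeeds, so a rejected signature does not burn a nonce. A sequential "must be the next value" check, as used here, also gives ordering; if out-of-order delivery must be tolerated, a per-nonce "used" bitmap is the usual alternative.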
Remediation
This finding has been acknowledged by Orderly Network and has not been remediated due to the low impact. Their official response is paraphrased below:
The perpUploadEncodeHashVerify and eventsUploadEncodeHashVerify functions use the data.batchId as nonce, and check if batchId is the next wanted one, and revert BatchIdNotMatch if not. The marketUploadEncodeHashVerify does not use a nonce. We acknowledge that, but will not fix in the current version for two reasons:
A. This method just uploads the view values and is not used in logic.
B. It is only called by privileged accounts.