Category: Coding Mistakes

Panic for messages with no signers

Severity: Low
Impact: Low
Likelihood: High

Description

The ante handler for the authenticator authenticates the first signer for every message in a transaction.

for msgIndex, msg := range msgs {
	// By default, the first signer is the account
	account, err := utils.GetAccount(msg)
	if err != nil {
		return sdk.Context{}, sdkerrors.Wrap(sdkerrors.ErrUnauthorized, fmt.Sprintf("failed to get account for message %d", msgIndex))
	}
	// ... (remainder of the loop body is not shown in this excerpt)
}

// GetAccount returns the first signer of msg, or an error if msg has no signers.
func GetAccount(msg sdk.Msg) (sdk.AccAddress, error) {
	if len(msg.GetSigners()) == 0 {
		return nil, sdkerrors.Wrap(sdkerrors.ErrUnauthorized, "no signers")
	}
	return msg.GetSigners()[0], nil
}

It is, however, possible for certain messages to not require any signers. For example, MsgIBCSend does not require any signers.

Impact

The ante handler will panic if any message is executed without a signer.

Recommendations

If messages without a signer are not supported, then add an explicit check to ensure that the message has at least one signer and return an appropriate error if that is not the case.

Remediation

This issue has been acknowledged by Osmosis Labs, and a fix was implemented in commit eb2facfb. Every message now requires exactly one signer.
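The explicit signer-count check from the recommendation, tightened to the "exactly one signer" rule from the remediation, as an added Go example (not Osmosis code and not the contents of commit eb2facfb). `Msg`, `testMsg`, `ErrUnauthorized`, `firstSignerUnchecked`, `panics`, `singleSigner` and `checkSigners` are hypothetical names that stand in for the Cosmos SDK types so the block runs without dependencies.

```go
package main

import (
	"errors"
	"fmt"
)

// Msg is a hypothetical stand-in for sdk.Msg, reduced to the one method used here.
type Msg interface{ GetSigners() [][]byte }

// testMsg is a constructed message type whose signer list is set directly.
type testMsg struct{ signers [][]byte }

func (m testMsg) GetSigners() [][]byte { return m.signers }

var ErrUnauthorized = errors.New("unauthorized")

// firstSignerUnchecked indexes the slice directly; an empty slice is a runtime panic.
func firstSignerUnchecked(m Msg) []byte { return m.GetSigners()[0] }

// panics reports whether f panicked, so the failure mode can be observed safely.
func panics(f func()) (p bool) {
	defer func() { p = recover() != nil }()
	f()
	return false
}

// singleSigner enforces the "exactly one signer" rule before indexing.
func singleSigner(m Msg) ([]byte, error) {
	s := m.GetSigners() // call once: the check and the index see the same slice
	if len(s) != 1 {
		return nil, fmt.Errorf("%w: expected 1 signer, got %d", ErrUnauthorized, len(s))
	}
	return s[0], nil
}

// checkSigners mirrors the per-message loop and names the offending message index.
func checkSigners(msgs []Msg) error {
	for i, m := range msgs {
		if _, err := singleSigner(m); err != nil {
			return fmt.Errorf("message %d: %w", i, err)
		}
	}
	return nil
}

func main() {
	msgs := []Msg{testMsg{[][]byte{[]byte("addr1")}}, testMsg{}} // constructed input
	fmt.Println(panics(func() { firstSignerUnchecked(msgs[1]) }), checkSigners(msgs))
}
```

Because the error wraps `ErrUnauthorized`, a caller can still match it with `errors.Is` while the message index identifies which message in the transaction was rejected.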

Zellic © 2025