Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
code423n4Code4renaCODE423N4:2023-07-AXELAR-FINDINGS-ISSUES-468
HistoryJul 21, 2023 - 12:00 a.m.

The is no way for native tokens to get sent to InterchainProposalExecutor

2023-07-2100:00:00
Code4rena
github.com
interchainproposalexecutor
vulnerability
value parameter
destination contract
native tokens
mitigation steps

AI Score

7.2

Confidence

Low

JSON

Lines of code

Vulnerability details

Impact

Proposals that require value cannot be executed as native tokens on the other side of the bridge cannot be provided.

Proof of Concept

Proposals have a value parameter, which allows users to specify what amount of native tokens should be passed when calling the destination contract. The issue arises because there is no way for native tokens to be sent to the InterchainProposalExecutor contract so it can properly execute the proposal.

Tools Used

Manual Review

Recommended Mitigation Steps

Add a receive function to InterchainProposalExecutor or AxelarExecutable so native tokens can be sent to the destination chain executor contract.

Assessed type

Other

The text was updated successfully, but these errors were encountered:

All reactions

AI Score

7.2

Confidence

Low

JSON