Lucene search
+L

5 matches found

Code423n4
Code423n4
•added 2022/08/03 12:0 a.m.•7 views

Previous {Operators/Weights/Threshold} Are Still Able To Sign Off New Commands After Operatorship Is Transferred

Lines of code Vulnerability details The administrator will call AxelarAuthWeighted.transferOperatorship function to transfer the operatorship to a new set of Operators/Weights/Threshold. However, it was observed that after transferring the operatorship to a new set of Operators/Weights/Threshold,...

7.3AI score
Exploits0
Code423n4
Code423n4
•added 2022/08/03 12:0 a.m.•11 views

AxelarAuthWeighted - Can set operators to same values to override OLD_KEY_RETENTION

Lines of code Vulnerability details Impact It is possible to transfer operatorship to the same operators by simply doubling the values of the newWeights array and newThreshold value. This could be used by newly appointed operators to invalidate all previous operators and thus invalidate the...

6.8AI score
Exploits0
Code423n4
Code423n4
•added 2022/08/03 12:0 a.m.•8 views

Malicious operators within epoch can not be manually invalidated

Lines of code Vulnerability details Impact Messages are verified and validated by a set of operators. Operators their weights and threshold are defined per epoch and stored as a hash. Transferring operatorship which means creating a new set of valid operators creates a new epoch. Operator sets th...

6.8AI score
Exploits0
Code423n4
Code423n4
•added 2022/08/03 12:0 a.m.•8 views

Hash Collision Within The epochForHash Mapping

Lines of code Vulnerability details It is not possible for the administrator to transfer operatorship to a new set of Operators/Weights/Threshold that has been previously configured because a hash collision will occur within the epochForHash mapping. Proof-of-Concept Assuming that OLDKEYRETENTION...

6.6AI score
Exploits0
Code423n4
Code423n4
•added 2022/08/01 12:0 a.m.•15 views

AxelarAuthWeighted.sol#_validateSignature fails for valid transaction if early signer submits invalid signature

Lines of code Vulnerability details Impact Valid transactions deemed invalid Proof of Concept for ; operatorIndex function isSortedAscAndContainsNoDuplicateaddress memory accounts internal pure returns bool for uint256 i; i = accountsi + 1 return false; return accounts0 != address0; Va...

6.5AI score
Exploits0
Rows per page
Query Builder