Reentrancy check in account_contract can be easily circumvented #64
Labels
2 (Med Risk)
Assets not at direct risk, but function/availability of the protocol could be impacted or leak value
bug
Something isn't working
M-06
primary issue
Highest quality submission among a set of duplicates
🤖_62_group
AI based duplicate group recommendation
selected for report
This submission will be included/highlighted in the audit report
sponsor confirmed
Sponsor agrees this is a problem and intends to fix it (OK to use w/ "disagree with severity")
sufficient quality report
This report is of sufficient quality
Lines of code
https://github.com/kkrt-labs/kakarot/blob/7411a5520e8a00be6f5243a50c160e66ad285563/src/kakarot/accounts/account_contract.cairo#L344
Vulnerability details
The
account_contract
has a reentrancy check inexecute_starknet_call
to prevent calls made from the Kakarot EVM to Starknet to re-enter the Kakarot EVM.The check is implemented by checking that
execute_starknet_call
calls Kakarot's address only with theget_starknet_address
getter, which is indeed harmless:However, this check leaves another possibility open, that is that the
account_contract
could call itself or anotheraccount_contract
with a signed transaction to re-enter the Kakarot EVM, which is extremely vulnerable to reentrancy because of its extensive use of cached data.While an exploit via this path can have critical impact on the integrity of the EVM, it's likelihood is extremely low because
execute_starknet_call
is accessible only via whitelisted contracts.Proof of Concept
Because Kakarot stores the effects of the execution at the very end of it via the
Starknet.commit
, it openly does not follow the check-effect-interaction pattern, so the integrity of the EVM is at risk of reentrancy via submissions of signed transactions within thecall cairo
precompile.Recommended Mitigation Steps
Consider removing the reentrancy check in
account_contract
, and adding a reentrancy guard on theKakarot.eth_call
function.Assessed type
Other
The text was updated successfully, but these errors were encountered: