Report for issue #115 updated by ladboy233

code-423n4 · Jan 7, 2023 · dced11e · dced11e
1 parent 12423d5
commit dced11e
Showing 1 changed file with 1 addition and 34 deletions.
diff --git a/data/ladboy233-Q.md b/data/ladboy233-Q.md
@@ -53,37 +53,4 @@ https://github.com/OpenZeppelin/openzeppelin-contracts-upgradeable/blob/25aabd28
 function __ReentrancyGuard_init() internal onlyInitializing {
 	__ReentrancyGuard_init_unchained();
 }
-```
-
-
-# front-runnable wallet deployment.
-
-### Line of Code
-
-https://github.com/code-423n4/2023-01-biconomy/blob/53c8c3823175aeb26dee5529eeefa81240a406ba/scw-contracts/contracts/smart-contract-wallet/SmartAccountFactory.sol#L33
-
-### Vulnerability and recommended fix
-
-The function below is front-runnable.
-
-```solidity
-function deployCounterFactualWallet(address _owner, address _entryPoint, address _handler, uint _index) public returns(address proxy){
-	bytes32 salt = keccak256(abi.encodePacked(_owner, address(uint160(_index))));
-	bytes memory deploymentData = abi.encodePacked(type(Proxy).creationCode, uint(uint160(_defaultImpl)));
-	// solhint-disable-next-line no-inline-assembly
-	assembly {
-		proxy := create2(0x0, add(0x20, deploymentData), mload(deploymentData), salt)
-	}
-	require(address(proxy) != address(0), "Create2 call failed");
-	// EOA + Version tracking
-	emit SmartAccountCreated(proxy,_defaultImpl,_owner, VERSION, _index);
-	BaseSmartAccount(proxy).init(_owner, _entryPoint, _handler);
-	isAccountExist[proxy] = true;
-}
-```
-
-When the transaction is pending in the mempool, a user can decode the transaction and get the deploymentData and the salt, then deploy the wallet with higher gas fee.
-
-The issue is that the deployCounterFactualWallet can revert and isAccountExist[proxy] will not be correctedly updated.
-
-We recommend the protocol validate the signature to make sure the msg.sender match the owner when deploy the wallet to avoid front-running.
+```