Skip to content

Latest commit

 

History

History
44 lines (25 loc) · 2.18 KB

030.md

File metadata and controls

44 lines (25 loc) · 2.18 KB

Old Boysenberry Reindeer

High

Lack of uniqueness in generateOrderId function will lead to duplicate order IDs for the same user in a single block.

Summary

The generateOrderId function in the AutomationMaster contract will generate identical order IDs for the same user when called multiple times within the same block, as it relies on block.timestamp, which does not change during a single block. This will cause conflicts and errors when processing orders, as multiple orders from the same user will have the same ID.

Root Cause

In AutomationMaster.sol:90 https://github.com/sherlock-audit/2024-11-oku/blob/e844037b3fcd8288efe10a2f1cf43e62bad7b4e1/oku-custom-order-types/contracts/automatedTrigger/AutomationMaster.sol#L90

The generateOrderId function uses block.timestamp and sender to generate the order ID. Since block.timestamp remains constant within a single block, if the function is called multiple times in the same block, it will return the same ID each time.

Internal pre-conditions

  1. The generateOrderId function is called multiple times by the same sender in a single block.
  2. block.timestamp does not change during the block, causing the hash to remain the same.
  3. No unique identifier is introduced (such as a nonce or incrementing counter) to differentiate the calls.

External pre-conditions

  1. The contract interacts with external systems (such as Chainlink Automation) to process orders.
  2. The protocol requires each order to have a unique ID to be properly processed.

Attack Path

  1. The user calls generateOrderId multiple times in the same block.
  2. Since block.timestamp remains constant during the block, the generated ID will be the same for all calls.
  3. The system treats all orders from the same user in that block as the same order, causing conflicts, failures, or unintended behavior.

Impact

The protocol may fail to process multiple orders from the same user correctly, leading to order conflicts and the inability to distinguish between different orders. This could prevent users from submitting valid orders or cause lost transactions.

PoC

No response

Mitigation

Add a nonce or counter to make the order ID unique even within the same block.