Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Incorrect Index Emission in _updateRingKey Function #78

Open
hats-bug-reporter bot opened this issue Jul 9, 2024 · 2 comments
Open

Incorrect Index Emission in _updateRingKey Function #78

hats-bug-reporter bot opened this issue Jul 9, 2024 · 2 comments
Labels
Invalid - lead auditor invalid This doesn't seem right

Comments

@hats-bug-reporter
Copy link

Github username: --
Twitter username: --
Submission hash (on-chain): 0x4d9159d738ed00604e2933dfcce0dd2e65ddff1669c6257dc771bb9bbad18063
Severity: low

Description:
Description\

function _updateRingKey(bytes32 _entropy) internal {
    bytes32 newKey = bytes32(Sapphire.randomBytes(32, abi.encodePacked(_entropy)));

    uint newIndex = _ringKeys.length; // This is calculated before pushing the new key
    _ringKeys.push(newKey);

    _lastRingKeyUpdate = block.timestamp;

    emit ActualRingKeyRenewed(newIndex); // Emits the old index
}

The _updateRingKey function is responsible for generating a new ring key, adding it to the _ringKeys array, and emitting an event to log the update. However, there is a logical error in the current implementation that causes the event to emit an incorrect index.

The newIndex is calculated before the new key is pushed to the _ringKeys array. As a result, newIndex represents the length of the array before the new key is added, which is incorrect.

Attack Scenario\

  1. Call the _updateRingKey function with any valid _entropy value.
  2. Observe the emitted ActualRingKeyRenewed event.
    Expected Behavior:
    The ActualRingKeyRenewed event should emit the index of the newly added ring key.
    Actual Behavior:
    The ActualRingKeyRenewed event emits the index of the previous key instead of the new one.

Attachments

  1. Proof of Concept (PoC) File
  • Index Calculation: uint newIndex = _ringKeys.length; calculates the index based on the current length of the _ringKeys array.
  • Pushing the New Key: _ringKeys.push(newKey); adds the new key to the array, increasing its length by one.
  • Emitting the Event: emit ActualRingKeyRenewed(newIndex); emits the index that was calculated before the new key was added, which is off by one.

Impact:
This issue can lead to incorrect tracking of ring key updates, causing potential confusion and errors in any off-chain systems or logs that rely on the ActualRingKeyRenewed event for accurate information.

  1. Revised Code File (Optional)
  • To ensure the correct index is emitted, calculate the newIndex after pushing the new key to the _ringKeys array. Here is the corrected implementation:
function _updateRingKey(bytes32 _entropy) internal {
    bytes32 newKey = bytes32(Sapphire.randomBytes(32, abi.encodePacked(_entropy)));

    _ringKeys.push(newKey);
    uint newIndex = _ringKeys.length - 1; // Calculate newIndex after pushing

    _lastRingKeyUpdate = block.timestamp;

    emit ActualRingKeyRenewed(newIndex);
}
@hats-bug-reporter hats-bug-reporter bot added the bug Something isn't working label Jul 9, 2024
@party-for-illuminati party-for-illuminati added invalid This doesn't seem right and removed bug Something isn't working labels Jul 9, 2024
@batmanBinary
Copy link

@party-for-illuminati ?

@party-for-illuminati
Copy link
Collaborator

@party-for-illuminati ?

How is index calculation incorrect?

Example 1:

array = []
newIndex = array.length = 0
array.push(test)
array[newIndex] is test

Example 2:

array = [test0]
newIndex = array.length = 1
array.push(test1)
array[newIndex] is test1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Invalid - lead auditor invalid This doesn't seem right
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@rotcivegaf @party-for-illuminati @batmanBinary