
Vega’s validators able to submit duplicate transactions

A vulnerability exists that allows a malicious validator to trick the Vega network into re-processing past Ethereum events from Vega’s Ethereum bridge. For example, a deposit to the collateral bridge for 100USDT that credits a party’s general account on Vega, can be re-processed 50 times resulting in 5000USDT in that party’s general account. This is without depositing any more than the original 100USDT on the bridge.

Despite this exploit requiring access to a validator’s Vega key, a validator key can be obtained at the small cost of 3000VEGA, the amount needed to announce a new node onto the network.

The steps to carry out this exploit are as follows:
1. Cause an Ethereum event on one of the bridge contracts, e.g. a deposit to the collateral bridge or the staking bridge
2. This causes the Ethereum event forwarder of each node to submit a ChainEvent transaction to the Vega network corresponding to that event
3. Scrape the valid chain event transaction from the Tendermint block data using a node’s Tendermint API
4. Change the value of the `txId` field of the ChainEvent to any valid, but different, value
5. Bundle the tweaked ChainEvent into a new transaction, sign it with a validator key and resubmit to the Vega network
6. The fraudulent ChainEvent will be processed by Vega as if it were a new ChainEvent even though it did not occur on Ethereum

The key to this exploit is in step 4. The `txId` field of the ChainEvent is used when checking for ChainEvent resubmission, but NOT during the subsequent on-chain verification of the event. Therefore changing the `txId` of an existing ChainEvent is enough to bypass the duplicate check while the event still passes verification as a real one.
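The following Go model, added here and not Vega's code or its actual patch, contrasts a duplicate check keyed on the submitter-controlled `txId` with one keyed on the Ethereum identity that verification actually confirms; the `ChainEvent` fields, the `Ledger` type and the Ethereum transaction hash are constructed for the example.

```go
package main

import "fmt"

// ChainEvent is a simplified stand-in for a bridge deposit event (constructed for
// this example; the field names are not Vega's).
type ChainEvent struct {
	TxID      string // submitter-chosen id; the vulnerable check dedups on this alone
	EthTxHash string // Ethereum transaction that emitted the event
	LogIndex  uint   // position of the event log within that transaction
	Party     string
	Amount    uint64
}

// Ledger credits a party once per event it has not seen; key decides what
// "the same event" means. Verification against Ethereum is assumed to have
// passed already and, as described above, does not consult TxID.
type Ledger struct {
	seen     map[string]bool
	balances map[string]uint64
	key      func(ChainEvent) string
}

func (l *Ledger) Process(ev ChainEvent) bool {
	k := l.key(ev)
	if l.seen[k] {
		return false // duplicate: event already applied
	}
	l.seen[k] = true
	l.balances[ev.Party] += ev.Amount
	return true
}
// WeakKey reproduces the flaw: dedup on a field the submitter controls.
func WeakKey(ev ChainEvent) string { return ev.TxID }

// StrictKey dedups on the identity that Ethereum verification actually confirms.
func StrictKey(ev ChainEvent) string { return fmt.Sprintf("%s:%d", ev.EthTxHash, ev.LogIndex) }

// Replay feeds one real 100-unit deposit to both ledgers n times, each copy with a
// fresh TxID but the same (constructed) Ethereum identity, and returns the balances.
func Replay(n int) (weak, strict uint64) {
	w := &Ledger{seen: map[string]bool{}, balances: map[string]uint64{}, key: WeakKey}
	s := &Ledger{seen: map[string]bool{}, balances: map[string]uint64{}, key: StrictKey}
	for i := 0; i < n; i++ {
		ev := ChainEvent{TxID: fmt.Sprintf("resubmit-%d", i), EthTxHash: "0xdeadbeef", LogIndex: 3, Party: "alice", Amount: 100}
		w.Process(ev)
		s.Process(ev)
	}
	return w.balances["alice"], s.balances["alice"]
}
```

With 50 replays the weak ledger credits 5000 units from a single 100-unit deposit, matching the figure in the advisory, while the strict ledger credits 100.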

### Impact
The impact of this exploit is dependent on the ChainEvent being manipulated. The below table describes each one:

| Chain Event | Allows | Consequence |
| --- | --- | --- |
| Deposit | Generation of unlimited funds of any asset | Withdrawal of all assets |
| Stake Deposit | Delegate unlimited Vega to a single node | A single node has controlling amount of voting power |
| Stake Removed | Force a Validator node to drop below self-stake requirements | Prevents reward payouts |
| Bridge Stop | The Vega network to think the bridge is stopped | Prevent anyone from withdrawing funds |
| Signer Removed | The Vega network to think a validator node is not on the multisig contract | Prevent reward payouts |

### Patches
v0.71.6

### Workarounds
No workaround is known; however, there are mitigations in place should this vulnerability be exploited:

- there are monitoring alerts, for `mainnet1`, in place to identify any issues of this nature, including this vulnerability being exploited
- the validators have the ability to stop the bridge, thus stopping any withdrawals, should this vulnerability be exploited

### References
N/A
