Weak noncecheck lead to replay of transactions #686
Description
Vulnerability Overview:
Since there is no explicit +1 limit on the nonce check used by ethermint, this results in transactions passing the antehandler checksum as long as they are greater than the node’s cached nonce. If the victim sends a very large nonce transaction, the attacker can replay the transaction.
Details and Root Cause:
First, we found some ground truths:
As long as the MsgEthereumTx is larger than the current node’s cache nonce, it will pass both noncecheck.
Signaturecheck uses the nonce field of the transaction itself, so transactions larger than the current cached nonce can still pass signaturecheck.
Thus, if a msg have a large nonce,then it can be replaied.
Steps to Exploit:
Suppose the victim sends a nonce that is much larger than the current node’s cache.
An attacker can replay this transaction.