PaymasterDocs
  • All-In-One Paymaster
  • Basics of Paymaster
    • What is Paymaster?
    • Breaking down the paymaster
  • Several types of the paymaster
    • Several types of the paymaster
      • Breaking down the paymaster-TokenPaymaster
      • Breaking down the paymaster-SponsorshipPaymaster
  • Vectors of Paymaster
    • Threat Modeling
    • General Vectors
      • Mismanagement of funds
      • Incorrect Validation Logic
      • Incorrect Calculation Logic
      • Structural Error
      • Threats in v0.6
      • Reputation-Related Risk
        • Understanding Reputation for Paymaster
      • Signature Reuse Risk
    • Sponsorship Paymaster Specific Vectors
    • EIP-7702 Paymaster Specific Vectors
    • How to apply test code
    • Test Results Dashboard
  • Multichain paymaster
    • Overview
      • Omnichain paymaster - Particle Network
  • RESOURCES
    • Resources
    • Remaining services
    • Integrating with further EIPs
      • EIP-7702
      • EIP-6900
    • Contributions and FAQ
Powered by GitBook
On this page
  1. Vectors of Paymaster
  2. General Vectors

Threats in v0.6

Many services are still using v0.6 of EntryPoint. This page explains the potential threats that may arise from v0.6.

postOp with postOpReverted mode

In v0.6 of EntryPoint, the postOp function can be executed twice. If the first postOp function results in a revert, the second postOp function is executed with PostOpMode.postOpReverted as an argument. This can lead to gas griefing for the paymaster.

Example Case:

// https://github.com/eth-infinitism/account-abstraction/blob/6ac12fe80ad7ee6fa622fc5cd825eb11415e6f4e/contracts/samples/TokenPaymaster.sol

function _postOp(PostOpMode mode, bytes calldata context, uint256 actualGasCost) internal override {
    if (mode == PostOpMode.postOpReverted) {
        return;
    }
    ...
    ...
    refillEntryPointDeposit(_cachedPrice);    
}

If the TokenPaymaster immediately returns when the mode is PostOpMode.postOpReverted, the refillEntryPointDeposit function will not be called, and the paymaster’s gas will not be refilled. As a result, a malicious user can intentionally trigger a revert in the first postOp function to set the mode to PostOpMode.postOpReverted and attempt to gas grief the paymaster.

  • Mitigation : The function to refill the paymaster's funds must be executed regardless of the mode to ensure the paymaster's gas is replenished properly.

function _postOp(PostOpMode mode, bytes calldata context, uint256 actualGasCost) internal override {
    ...
    ...
    refillEntryPointDeposit(_cachedPrice);    
}

PreviousStructural ErrorNextReputation-Related Risk

Last updated 6 months ago