Omniscia Pareto Audit
ParetoSmartWalletChecker Manual Review Findings
ParetoSmartWalletChecker Manual Review Findings
PSW-01M: Potential Manipulation of Code Hash
| Type | Severity | Location |
|---|---|---|
| Logical Fault |  | ParetoSmartWalletChecker.sol:L99 |
Description:
The ParetoSmartWalletChecker::check function meant to be integrated by ve8020 tokens will evaluate a wallet's access authorization through its codehash.
The EIP-7702 standard has introduced a way for accounts to effectively spoof any codehash they wish temporarily, rendering this type of access gating to be insecure.
Impact:
The current codehash based access authorization mechanism is insecure as the hash of an account can be manipulated via EIP-7702.
Example:
src/staking/ParetoSmartWalletChecker.sol
95/// @notice Implementation of the SmartWalletChecker interface used by VotingEscrow96/// @param wallet Address of the smart contract wallet to check97/// @return True if the wallet is allowed, false otherwise98function check(address wallet) external view returns (bool) {99 return allowAllSmartContracts || smartWalletAllowed[wallet] || allowedCodeHashes[wallet.codehash];100}Recommendation:
We advise the Pareto team to evaluate this and potentially remove codehash based access authorization from the contract.
Alleviation:
After extensive discussions with the Pareto team, we concluded that they wish to acknowledge this particular risk.