Periphery Changes Audit Report


Overview

OpenZeppelin conducted a differential audit of Across Protocol's contract repository, focusing on the SpokePoolPeriphery contract and related components. The audit revealed multiple issues across high, medium, and low risk categories, primarily concerning smart contract swap logic, signature handling, EIP-712 encoding, and replay attacks. All identified issues have been resolved. This audit aimed to enhance Across Protocol's cross-chain bridging functionality and user experience while ensuring secure and efficient asset transfers.

Executive Summary

Audit Timeline: May 15 to May 26
Language: Solidity
Total Issues: 13 (All resolved)
Critical Issues: 0
High Risk Issues: 1 (Resolved)
Medium Risk Issues: 3 (All resolved)
Low Risk Issues: 3 (All resolved)
Observations & Notes: 6 (All addressed)

Audit Scope

OpenZeppelin performed a differential audit on the across-protocol/contracts repository between base commit 7362cd0 (master) and head commit b84dbfa.

Files in audit scope:

contracts
├── external
│   └── interfaces
│       ├── IERC20Auth.sol
│       └── IPermit2.sol
├── handlers
│   └── MulticallHandler.sol
├── interfaces
│   └── SpokePoolPeripheryInterface.sol
├── libraries
│   └── PeripherySigningLib.sol
└── SpokePoolPeriphery.sol

System Overview

Across Protocol is a cross-chain bridge enabling fast, cost-efficient transfers of ERC-20 tokens and native assets across networks. Its architecture includes:

SpokePoolPeriphery

The primary user-facing entry point that expands cross-chain transfer options with:

MulticallHandler Modifications

Key changes include:

PeripherySigningLib

Provides critical signature support:

Security Model and New Trust Assumptions

The periphery contracts introduce new security considerations:

  1. Exchange reliability becomes critical for swap operations
  2. Users must verify all parameters (addresses, calldata, signatures)
  3. Dependence on canonical Permit2 contract's security
  4. Submitters must simulate signed swap transactions offline

High Risk Findings

Incorrect Nonce in Permit2.permit Calls

Issue: Global nonce usage conflicted with Permit2's per-token/spender nonce tracking
Resolution: Implemented separate nonces per (token, spender) pair
PR: #1013

Medium Risk Findings

Potential Replay Attacks on SpokePoolPeriphery

Issue: ERC-2612 and ERC-3009 paths lacked nonce protection
Resolution: Added nonce fields to signature structures
PR: #1015

Possible Swap DoS via Permit2

Issue: Arbitrary calls could invalidate Permit2 nonces
Resolution: Restricted exchange parameter from targeting Permit2
PR: #1016

Incorrect EIP-712 Encoding

Issue: Enum type in EIP-712 struct violated standards
Resolution: Replaced enum with uint8 type
PR: #1017
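
The replay and EIP-712 encoding findings above, shown together as an added Solidity example that is not code from the audited repository: the typed-data string declares the enum member as uint8 (EIP-712 defines no enum type), and the signed struct carries a nonce that is consumed on first use. The contract, struct, enum and function names are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration only; every name in this contract is hypothetical.
contract ExampleSignedAction {
    enum RouteKind { Direct, Swapped }

    struct SignedAction {
        address token;
        uint256 amount;
        RouteKind kind; // ABI-encoded as a uint8 padded to 32 bytes
        uint256 nonce;  // binds the signature to a single use
    }

    // A wallet hashes the type string it is given. Declaring the member as
    // "RouteKind kind" would name a type EIP-712 does not define, so the
    // member is declared as uint8 to match what signers compute.
    bytes32 public constant ACTION_TYPEHASH =
        keccak256("SignedAction(address token,uint256 amount,uint8 kind,uint256 nonce)");

    bytes32 public immutable DOMAIN_SEPARATOR;
    mapping(address => mapping(uint256 => bool)) public nonceUsed;

    constructor() {
        DOMAIN_SEPARATOR = keccak256(abi.encode(
            keccak256("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)"),
            keccak256("ExampleSignedAction"), keccak256("1"), block.chainid, address(this)));
    }

    function digest(SignedAction calldata a) public view returns (bytes32) {
        bytes32 structHash = keccak256(
            abi.encode(ACTION_TYPEHASH, a.token, a.amount, uint8(a.kind), a.nonce));
        return keccak256(abi.encodePacked("\x19\x01", DOMAIN_SEPARATOR, structHash));
    }

    function consume(address signer, SignedAction calldata a, uint8 v, bytes32 r, bytes32 s) external {
        // Without this check the same signature could be submitted repeatedly.
        require(!nonceUsed[signer][a.nonce], "nonce already used");
        address recovered = ecrecover(digest(a), v, r, s);
        require(recovered != address(0) && recovered == signer, "bad signature");
        nonceUsed[signer][a.nonce] = true;
        // The action described by `a` would be executed here.
    }
}
```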

Low Risk Findings

EVM-Only Limitations for Deposits

Issue: Address types restricted non-EVM destination chains
Resolution: Modified parameter types for flexibility
PR: #1018

Integer Overflow in _swapAndBridge

Issue: Potential overflow in output amount calculation
Resolution: Documented limitation and mitigation options
PR: #1020

Rigid Fee Recipient Field

Issue: Hardcoded addresses prevented open relaying
Resolution: Added zero-address convention for msg.sender default
PR: #1021

Observations & Additional Notes

Function Renaming Suggestions

Renamed ambiguous functions for clarity
PR: #1019

Documentation Improvements

Enhanced documentation throughout codebase
PR: #1023

Typo Corrections

Fixed various spelling and syntax errors
PR: #1024

Unused Code Removal

Cleaned up redundant declarations
PR: #1025

Misleading Documentation Fixes

Corrected inaccurate comments
PR: #1026

Conclusion

The periphery contract changes introduce innovative deposit mechanisms while maintaining strong security. Despite initial findings related to swap logic and signature handling, the implementation proved robust and well-structured. The Risk Labs team demonstrated exceptional responsiveness throughout the audit process.

FAQ Section

Q: What was the primary focus of this audit?

A: The audit concentrated on swap functionality, signature handling, and security mechanisms in the SpokePoolPeriphery system.

Q: How does the new swap-and-bridge feature work?

A: It allows atomic conversion of non-native tokens into bridge-compatible assets through delegated swap execution.

Q: What's the significance of the Permit2 integration?

A: Permit2 enables batch token approvals and more flexible signature-based permissions while introducing new security considerations.
