UserOperation Hijacking

UserOperation Hijacking is a front-running vulnerability in cross-chain account abstraction systems built on ERC-4337. It exploits the gap between the moment a user's cross-chain intent (a signed UserOperation) is published on the origin chain and the moment the designated filler executes it on the destination chain.

Root Cause

The vulnerability exists because blockchain data is public and the EntryPoint contract accepts UserOperations from any caller of handleOps(). The EntryPoint checks the nonce and delegates signature verification to the account's validateUserOp(); neither step checks that the prerequisites of the cross-chain flow (such as the filler having delivered the assets) have been met. Nothing in the UserOperation binds it to the filler who is supposed to submit it, so there is no authentication mechanism to ensure that only the designated filler can submit it to the EntryPoint.

Attack Flow

  1. The user deposits funds on the origin chain; the deposit emits an event containing the signed UserOperation intended for the destination chain

  2. This UserOperation includes:

    • The function to execute (e.g., order() on an NFT marketplace)

    • A nonce to prevent replay attacks

    • A signature authorizing the execution

  3. Before the legitimate filler can act, an attacker watching the chain extracts the UserOperation from the event

  4. The attacker immediately submits it by calling handleOps() on the EntryPoint contract on the destination chain

  5. Since the UserOperation carries a valid signature, the EntryPoint processes it and consumes the nonce

  6. When the legitimate filler later tries to execute the same UserOperation, the transaction reverts because the nonce has already been used

Mitigations

1. Account Validation

This approach implements a custom validator module that maintains a mapping from each UserOperation nonce to the filler designated for it.

The module is installed on a modular account and runs during validation: it rejects any UserOperation whose submitter is not the filler authorized for that nonce, so an attacker who copies the operation fails validation and cannot consume the nonce, while the pre-authorized filler passes through the validation layer.

2. Exclusive-relayer Contract Verification

A dedicated settlement contract maintains exclusive filler assignments for cross-chain intents: a mapping from intent hash to filler, each with a time-bounded exclusivity period. All UserOperation submissions must route through the settlement contract, which verifies that the caller is the assigned filler (or that the exclusivity window has expired) before forwarding the operation to the EntryPoint; submissions that bypass the settlement contract are rejected.
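The following Python model, added here as a constructed example (not code from the original page or from any ERC-4337 implementation), replays the attack flow above and then the two mitigations: the nonce-to-filler validator module and the settlement contract with time-bounded exclusivity. An HMAC stands in for the owner's ECDSA signature, plain classes stand in for the EntryPoint, the smart account, the validator module and the settlement contract, and the `caller` argument stands in for whoever invoked handleOps(). The names ToyEntryPoint, Account, FillerValidator, ExclusiveSettlement, the addresses and the order() call data are all hypothetical.

```python
"""Toy model of UserOperation hijacking and two mitigations (constructed example).

HMAC stands in for the owner's ECDSA signature; Python classes stand in for the
EntryPoint, smart account, validator module and settlement contract. All names,
addresses and call data are hypothetical.
"""
import hashlib
import hmac
from dataclasses import dataclass

@dataclass(frozen=True)
class UserOp:
    sender: str       # smart account address
    nonce: int        # consumed by the EntryPoint; replay protection
    call_data: bytes  # e.g. the encoded order() call on an NFT marketplace
    signature: bytes  # owner authorisation over (sender, nonce, call_data)

def op_hash(sender: str, nonce: int, call_data: bytes) -> bytes:
    return hashlib.sha256(b"|".join([sender.encode(), str(nonce).encode(), call_data])).digest()

def sign_op(owner_key: bytes, sender: str, nonce: int, call_data: bytes) -> UserOp:
    """Owner signs; the result is exactly what the origin-chain deposit event exposes."""
    return UserOp(sender, nonce, call_data, hmac.new(owner_key, op_hash(sender, nonce, call_data), "sha256").digest())

class Account:
    """Smart account: checks the owner signature, then defers to an optional validator module."""
    def __init__(self, owner_key: bytes, validator=None):
        self.owner_key, self.validator = owner_key, validator

    def validate_user_op(self, op: UserOp, caller) -> None:
        expected = hmac.new(self.owner_key, op_hash(op.sender, op.nonce, op.call_data), "sha256").digest()
        if not hmac.compare_digest(expected, op.signature):
            raise PermissionError("AA24 signature error")
        if self.validator is not None and not self.validator.validate(op, caller):
            raise PermissionError("validator rejected caller")

class ToyEntryPoint:
    """Accepts handleOps from anyone: checks the nonce, asks the account to validate, executes."""
    def __init__(self):
        self.accounts: dict[str, Account] = {}
        self.next_nonce: dict[str, int] = {}
        self.executed: list[tuple[object, bytes]] = []  # (submitter, call_data)

    def handle_ops(self, ops, caller) -> None:
        for op in ops:
            if self.next_nonce.get(op.sender, 0) != op.nonce:
                raise ValueError("AA25 invalid account nonce")
            self.accounts[op.sender].validate_user_op(op, caller)  # a revert here leaves the nonce untouched
            self.next_nonce[op.sender] = op.nonce + 1              # nonce consumed here
            self.executed.append((caller, op.call_data))

class FillerValidator:
    """Mitigation 1: validator module mapping each nonce to its designated filler."""
    def __init__(self):
        self.filler_for_nonce: dict[int, str] = {}

    def authorize(self, nonce: int, filler: str) -> None:
        self.filler_for_nonce[nonce] = filler

    def validate(self, op: UserOp, caller) -> bool:
        return self.filler_for_nonce.get(op.nonce) == caller

class ExclusiveSettlement:
    """Mitigation 2: settlement contract holding intent hash -> (filler, deadline).
    Installed as the account's validator, so ops must be routed through fill()."""
    def __init__(self, entry_point: ToyEntryPoint, clock):
        self.ep, self.clock, self.assignments = entry_point, clock, {}

    def assign(self, intent: bytes, filler: str, exclusive_for: int) -> None:
        self.assignments[intent] = (filler, self.clock() + exclusive_for)

    def validate(self, op: UserOp, caller) -> bool:
        return caller is self  # a direct handleOps() submission is rejected

    def fill(self, op: UserOp, filler: str) -> None:
        assigned, deadline = self.assignments.get(op_hash(op.sender, op.nonce, op.call_data), (None, 0))
        if self.clock() < deadline and filler != assigned:
            raise PermissionError(f"exclusive window belongs to {assigned}")
        self.ep.handle_ops([op], caller=self)  # the settlement contract is the submitter

def attempt(fn) -> str:
    """Run a submission and report 'executed' or the revert reason."""
    try:
        fn()
        return "executed"
    except (ValueError, PermissionError) as e:
        return f"reverted: {e}"

def scenario_hijack() -> tuple[str, str]:
    """Attack flow: the attacker front-runs the filler with the copied UserOperation."""
    ep = ToyEntryPoint()
    ep.accounts["0xAcct"] = Account(b"owner-secret")
    op = sign_op(b"owner-secret", "0xAcct", 0, b"order(nft=42)")  # public in the deposit event
    attacker = attempt(lambda: ep.handle_ops([op], caller="0xAttacker"))
    filler = attempt(lambda: ep.handle_ops([op], caller="0xFiller"))  # same op, nonce already gone
    return attacker, filler

def scenario_validator() -> tuple[str, str]:
    """Mitigation 1: only the filler authorised for nonce 0 passes validation."""
    ep, v = ToyEntryPoint(), FillerValidator()
    ep.accounts["0xAcct"] = Account(b"owner-secret", validator=v)
    v.authorize(0, "0xFiller")
    op = sign_op(b"owner-secret", "0xAcct", 0, b"order(nft=42)")
    attacker = attempt(lambda: ep.handle_ops([op], caller="0xAttacker"))  # rejected, nonce intact
    filler = attempt(lambda: ep.handle_ops([op], caller="0xFiller"))
    return attacker, filler

def scenario_settlement() -> tuple[str, str, str, str]:
    """Mitigation 2: bypass and off-assignment fills fail; exclusivity expires after the window."""
    now, ep = [1_000], ToyEntryPoint()
    settle = ExclusiveSettlement(ep, clock=lambda: now[0])
    ep.accounts["0xAcct"] = Account(b"owner-secret", validator=settle)
    op0 = sign_op(b"owner-secret", "0xAcct", 0, b"order(nft=42)")
    settle.assign(op_hash(op0.sender, op0.nonce, op0.call_data), "0xFiller", exclusive_for=60)
    direct = attempt(lambda: ep.handle_ops([op0], caller="0xAttacker"))  # bypasses settlement
    during = attempt(lambda: settle.fill(op0, "0xAttacker"))             # inside the window
    filler = attempt(lambda: settle.fill(op0, "0xFiller"))
    op1 = sign_op(b"owner-secret", "0xAcct", 1, b"order(nft=43)")
    settle.assign(op_hash(op1.sender, op1.nonce, op1.call_data), "0xFiller", exclusive_for=60)
    now[0] += 61                                                          # window expired
    late = attempt(lambda: settle.fill(op1, "0xOther"))                   # now anyone may fill
    return direct, during, filler, late
```

In the hijack scenario the attacker's submission executes and the filler's reverts with the nonce error; with the validator module the order is reversed and the nonce survives the attacker's attempt; with the settlement contract a direct handleOps() call is rejected, an attacker going through fill() inside the window is rejected, the assigned filler succeeds, and once the window has lapsed any party may fill. One caveat the model glosses over: on a real chain the account's validateUserOp() sees the EntryPoint as msg.sender, so identifying the submitter means reading tx.origin (for an EOA filler) or recording the forwarding contract some other way, and ERC-4337's validation rules restrict tx.origin for operations entering through the public bundler mempool. A filler relying on either mitigation therefore submits to handleOps() directly, or through the settlement contract, rather than via the public mempool.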
