Full Report
The ERC-4337 (Account Abstraction) EntryPoint implementation assumed that a UserOperation would only ever be executed in the context the user intended: a bundler's `handleOps` call sent directly to the contract, as a top-level transaction from an EOA. In reality the call did not have to run in an isolated context. Anyone holding a pending UserOperation could call `handleOps` from inside their own contract's call frame, with the chain in a state that cannot exist between transactions. Reentrancy guards and flash loans are the clearest examples: the attacker enters a guarded function of the target protocol (so its reentrancy lock is held), or takes out a flash loan that drains the liquidity the operation needs, and while that state is still in effect invokes `handleOps` on the victim's operation. The operation reverts when it touches the target, and the user is charged for the gas anyway. Pending UserOperations are visible both in the public Ethereum transaction mempool (as the calldata of a bundler's pending `handleOps` transaction) and in the off-chain, gossip-based ERC-4337 mempool, so either source is enough to pick them up and front-run them. Simple transfers carried in UserOperations are not affected; operations that interact with more complex contracts, such as flash-loan pools and anything behind a reentrancy guard, were. The discoverers of the vulnerability, from TrustSecurity, received a $50K bounty, the top of the High category in the program. It was a unique issue identified through a deep understanding of the ERC's context. Good report!
Analysis Summary
# Vulnerability: ERC-4337 EntryPoint Transaction Context Griefing
## CVE Details
- **CVE ID**: Not yet assigned (Disclosed Feb 2026)
- **CVSS Score**: Not published; severity assessed as High by the program (top of the High tier, $50K bounty)
- **CWE**: CWE-664: Improper Control of a Resource Through its Lifetime; CWE-730 (OWASP Top Ten 2004 Category A9: Denial of Service, i.e. griefing)
## Affected Systems
- **Products**: ERC-4337 (Account Abstraction) EntryPoint implementation.
- **Versions**: All versions prior to v0.9.0.
- **Configurations**: UserOperations that interact with contracts whose execution depends on transient state, i.e. state that exists only while another call frame is live and cannot persist across transactions: reentrancy guards (e.g. OpenZeppelin `nonReentrant`) and liquidity-sensitive protocols (flash-loan pools).
## Vulnerability Description
The flaw stems from a lack of isolation during the execution of a `UserOperation`. In affected versions the EntryPoint did not require that `handleOps` be the top-level call of a transaction, so a bundle could be executed from inside an arbitrary contract's call frame.
Pending `UserOperations` are visible both in the off-chain ERC-4337 mempool and in the public Ethereum mempool (as calldata of a bundler's pending `handleOps` transaction). An attacker who sees one can submit their own transaction that first puts the target contract into a transient state the operation cannot survive, for example by entering a `nonReentrant` function of the target so that its guard is held, or by taking a flash loan that empties the pool the operation needs, and then, from inside that same call frame, calls `handleOps` with the victim's operation. Because such state only exists mid-transaction, an ordinary front-run in a separate transaction would not achieve this; wrapping the `handleOps` call is what makes it work. The operation's execution reverts, but the EntryPoint still debits the account (or its paymaster) for the gas used, so the user pays for a failed operation. Repeated, this griefs the user for gas and can effectively censor a whole class of operations.
## Exploitation
- **Status**: PoC available (validated via bug bounty); no confirmed exploits in the wild at time of publication.
- **Complexity**: Medium to High (Requires deep understanding of AA mempool and state-manipulation front-running).
- **Attack Vector**: Network (Front-running via public or off-chain mempools).
## Impact
- **Confidentiality**: None
- **Integrity**: Low (Transaction outcomes are manipulated/denied).
- **Availability**: High (Users are "griefed" for gas and can be blocked from executing DeFi operations, effectively freezing funds for certain transaction types).
## Remediation
### Patches
- **EntryPoint v0.9.0**: This version enforces that `handleOps` and `handleAggregatedOps` can only be invoked directly by an Externally Owned Account (EOA) as the top-level call of a transaction. A bundle can therefore no longer execute inside another contract's call frame, where a held reentrancy lock or flash-loan-depleted liquidity would still be in effect when the `UserOperation` runs.
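The wrapped-call mechanism described under Vulnerability Description, and the top-level-call rule this patch introduces, are easier to see in code. The following is an added illustration written for this write-up; it is not code from eth-infinitism/account-abstraction or from the bounty report. It is a deliberately stripped-down model: the `Op` struct stands in for the real `PackedUserOperation` (no signature, nonce or gas fields), `gasCharged` is a counter standing in for the prefund debit, `Pool.flashCallback` is a constructed hook that hands control to its caller while the guard is held, and the v0.9 rule is modelled as `msg.sender == tx.origin` (the actual v0.9 implementation may express the check differently).

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration for this write-up. None of this is code from
// eth-infinitism/account-abstraction or from the bounty report; it is a
// deliberately stripped-down model in which a "UserOperation" is just
// (sender, target, callData), gas accounting is a counter, and the v0.9
// rule is modelled as msg.sender == tx.origin.

/// Victim protocol. Every state-changing function sits behind a guard.
contract Pool {
    uint256 private _entered;                 // 0 = free, 1 = inside a guarded call
    mapping(address => uint256) public balances;

    modifier nonReentrant() {
        require(_entered == 0, "ReentrancyGuard: reentrant call");
        _entered = 1;
        _;
        _entered = 0;
    }

    function deposit() external payable nonReentrant {
        balances[msg.sender] += msg.value;
    }

    /// Flash-loan style hook (constructed for the example): hands control back
    /// to the caller while the guard is still held. That window is all the
    /// attacker needs.
    function flashCallback(bytes calldata data) external nonReentrant {
        (bool ok, ) = msg.sender.call(data);
        require(ok, "callback reverted");
    }
}

/// Model of a pre-0.9 EntryPoint: handleOps may be called from any frame,
/// and the op's sender is charged whether or not its call succeeds.
contract EntryPointModel {
    struct Op {
        address sender;    // the account paying for the op
        address target;    // where callData goes (the account itself in real 4337)
        bytes callData;
    }

    mapping(address => uint256) public gasCharged;  // stand-in for prefund debits
    event UserOperationEvent(address indexed sender, bool success);

    function handleOps(Op[] calldata ops) public virtual {
        for (uint256 i = 0; i < ops.length; i++) {
            (bool success, ) = ops[i].target.call(ops[i].callData);
            gasCharged[ops[i].sender] += 1;          // paid even on failure
            emit UserOperationEvent(ops[i].sender, success);
        }
    }
}

/// Model of the v0.9 rule: handleOps must be the top-level call of an EOA's
/// transaction, so no contract can wrap it inside its own call frame.
contract EntryPointModelV09 is EntryPointModel {
    function handleOps(Op[] calldata ops) public override {
        require(msg.sender == tx.origin, "handleOps: caller must be an EOA");
        super.handleOps(ops);
    }
}

/// Attacker. Lifts a pending op from the mempool and bundles it itself,
/// from inside Pool's guarded callback.
contract Griefer {
    EntryPointModel public immutable entryPoint;
    Pool public immutable pool;

    constructor(EntryPointModel ep, Pool p) {
        entryPoint = ep;
        pool = p;
    }

    /// Step 1: enter the Pool's guarded function; step 2 runs inside it.
    function grief(EntryPointModel.Op[] calldata ops) external {
        pool.flashCallback(abi.encodeCall(this.inside, (ops)));
    }

    /// Step 2: Pool._entered == 1 here. An op whose callData is
    /// abi.encodeCall(Pool.deposit, ()) reverts on the guard, and the
    /// pre-0.9 model still charges its sender. Against EntryPointModelV09
    /// this call reverts instead, and the attacker pays for the whole tx.
    function inside(EntryPointModel.Op[] calldata ops) external {
        require(msg.sender == address(pool), "not pool");
        entryPoint.handleOps(ops);
    }
}
```

To exercise it: deploy `Pool`, `EntryPointModel` and `Griefer(entryPoint, pool)`, build one `Op` with `sender` set to a victim address, `target` set to the pool and `callData` set to `abi.encodeCall(Pool.deposit, ())`, and call `griefer.grief([op])`. The call succeeds, `gasCharged[victim]` becomes 1 and a `UserOperationEvent(victim, false)` is emitted: the victim paid for an operation that could never succeed in that frame. Redeploy with `EntryPointModelV09` in place of `EntryPointModel` and the same `grief` call reverts at the `msg.sender == tx.origin` check before any op runs, so the cost lands on the attacker. A plain `deposit()` sent through `handleOps` from an EOA works against both models, which is the point: the fix removes the attacker's call frame, not the user's operation.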
### Workarounds
- Users and wallets should submit UserOperations to a private bundler or private ERC-4337 mempool, and bundlers should send their `handleOps` transactions through a private transaction relay, so that a pending operation is not visible before inclusion. This reduces exposure only; it does not remove the root cause.
- Wallets and bundlers should upgrade to EntryPoint v0.9.0, which closes the issue in the contract itself.
## Detection
- **Indicators of Compromise**: `UserOperationEvent` logs with `success == false` in which the sender was still charged (`actualGasCost > 0`), concentrated on particular accounts, paymasters or target protocols, or on operations that succeed when resubmitted from an EOA-originated bundle.
- **Detection Methods**: On pre-0.9 EntryPoints, flag transactions in which `handleOps` or `handleAggregatedOps` is reached through an internal call (the transaction's `to` is not the EntryPoint, or the call's `msg.sender` is a contract) and that emit failed `UserOperationEvent`s; legitimate bundlers call `handleOps` directly from an EOA. On the mempool side, watch for pending transactions whose calldata embeds a UserOperation already seen in the ERC-4337 mempool but whose sender is not a known bundler, and for pending transactions that target the same contracts as pending UserOperations in the same block (front-running patterns).
## References
- **Vendor Advisory**: hxxps[://]erc4337[.]substack[.]com/p/improving-useroperation-execution-safety-in-entrypoint-v09
- **Source Code**: hxxps[://]github[.]com/eth-infinitism/account-abstraction/releases/tag/v0.9.0
- **Bounty Program**: hxxps[://]hackenproof[.]com/programs/account-abstraction-bugs