F-2025-0003·state-management
Stale SigningStargateClient when changing accounts
TL;DR
The SigningStargateClient was cached across account switches without being refreshed, allowing a transaction initiated after an account change to still use the previous account's signer.
Severity
MEDIUM
Impact
MEDIUM
Likelihood
MEDIUM
Method
Manual review
Complexity
MEDIUM
Exploitability
MEDIUM
Description
When the user switched accounts in the widget, the cached SigningStargateClient was not refreshed. A transaction initiated after the account change could still be signed by the previous account's signer, producing actions on behalf of the wrong wallet.
Recommendation
Invalidate and rebuild the signing client on every account change. Add a session-binding check between the displayed wallet and the signer used for transaction construction.
Initia: Resolved. Pashov Audit Group: Resolved.
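The stale-cache pattern and the two recommended controls (rebuild on account change, session-binding check before transaction construction), as an added example that is not the widget's or the auditors' code. The class, the `connect` factory, the `signerAddress` field and the `init1...` addresses are hypothetical, constructed stand-ins.

```javascript
// Added example with constructed stand-ins; not the widget's own code.
// `connect` is a hypothetical factory. In a CosmJS app it would wrap
// SigningStargateClient.connectWithSigner(rpcUrl, offlineSigner).
// `signerAddress` is a hypothetical field on the stub client.
class SigningClientCache {
  constructor(connect) {
    this.connect = connect; // (address) => client, or a Promise of one
    this.entry = null;      // { address, client } for the active account
  }

  // Pattern from the finding: the first client is reused after a switch.
  getStale(address) {
    if (!this.entry) this.entry = { address, client: this.connect(address) };
    return this.entry.client;
  }

  // Hardened: the cache is bound to one address and rebuilt on mismatch.
  get(address) {
    if (!this.entry || this.entry.address !== address) {
      this.entry = { address, client: this.connect(address) };
    }
    return this.entry.client;
  }

  // Call this from the wallet's account-change handler.
  invalidate() { this.entry = null; }
}

// Session-binding check: refuse to construct a transaction unless the
// signer behind the client is the wallet currently shown to the user.
function assertSessionBound(displayedAddress, client) {
  if (client.signerAddress !== displayedAddress) {
    throw new Error("signer does not match displayed wallet");
  }
  return client;
}

// Constructed scenario: switch from one placeholder address to another.
function demo() {
  const connect = (address) => ({ signerAddress: address }); // stub client
  const stale = new SigningClientCache(connect);
  stale.getStale("init1alice");
  const reused = stale.getStale("init1bob"); // still the first account's client
  let blocked = false;
  try { assertSessionBound("init1bob", reused); } catch { blocked = true; }
  const fixed = new SigningClientCache(connect);
  fixed.get("init1alice");
  const rebuilt = assertSessionBound("init1bob", fixed.get("init1bob"));
  return { staleSigner: reused.signerAddress, blocked, fixedSigner: rebuilt.signerAddress };
}
```

The binding check catches the stale client even where the cache fix is missing, which is why the recommendation asks for both.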
Status
Fixed
Fix commit
de9d3602dc1a
Fix date
2025-06-23