Skip to content
This repository has been archived by the owner on Oct 27, 2024. It is now read-only.

maushish - Lack of proper cross-chain EIP-712 parameters could lead to wrong edges getting acknowledged. #415

Closed
sherlock-admin4 opened this issue Apr 26, 2024 · 1 comment
Closed

maushish - Lack of proper cross-chain EIP-712 parameters could lead to wrong edges getting acknowledged. #415

sherlock-admin4 opened this issue Apr 26, 2024 · 1 comment
Labels
Excluded Excluded by the judge without consulting the protocol or the senior Non-Reward This issue will not receive a payout Sponsor Disputed The sponsor disputed this issue's validity Won't Fix The sponsor confirmed this issue will not be fixed

Comments

@sherlock-admin4
Copy link
Contributor

sherlock-admin4 commented Apr 26, 2024
edited by sherlock-admin2
Loading

maushish

medium

Lack of proper cross-chain EIP-712 parameters could lead to wrong edges getting acknowledged.

Summary

In the current implementation of checkSignature modifier there is no involvement of chain-id , nonce parameters due to which malicious actor could replay a signature and either unacknowledge or acknowledge an edge.

Vulnerability Detail

As clearly mentioned in the readme file
image
The current implementation of checkSignature follows a modified version of EIP-712
https://github.com/sherlock-audit/2024-04-titles/blob/main/wallflower-contract-v2/src/graph/TitlesGraph.sol#L40

    /// @notice Modified to check the signature for a proxied acknowledgment.
    modifier checkSignature(
        bytes32 edgeId,
        bytes calldata data,
        bytes calldata signature
    ) {
        bytes32 digest = _hashTypedData(
            keccak256(abi.encode(ACK_TYPEHASH, edgeId, data))// message with /x19... prefix
        );
        if (
            !edges[edgeId].to.creator.target.isValidSignatureNowCalldata( digest,signature) || _isUsed[keccak256(signature)]
        ) {
            revert Unauthorized();
        }
        _;
        _isUsed[keccak256(signature)] = true;
    }

Because the chain ID is not included in the data, all signatures are also valid when the project is launched on a chain with another chain ID.
Signature without chain-id, nonces are not safe along with the standard specified in EIP 712.

Impact

Mentioned in the summary.

Code Snippet

    function acknowledgeEdge(
        bytes32 edgeId_,
        bytes calldata data_,
        bytes calldata signature_
    )
        external
        checkSignature(edgeId_, data_, signature_)
        returns (Edge memory edge)
    {
        return _setAcknowledged(edgeId_, data_, true);
    }

Tool used

Manual Review

Recommendation

Implement the use of nonce and chain-id in checkSignature modifier.
@ccashwell
Copy link

This is not valid. Indeed, the chainId is being validated as part of the EIP712 domain.

image

@sherlock-admin3 sherlock-admin3 added Sponsor Disputed The sponsor disputed this issue's validity Won't Fix The sponsor confirmed this issue will not be fixed labels Apr 29, 2024
@github-actions github-actions bot closed this as completed May 6, 2024
@github-actions github-actions bot added Medium A valid Medium severity issue Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label labels May 6, 2024
@Hash01011122 Hash01011122 added Excluded Excluded by the judge without consulting the protocol or the senior and removed Medium A valid Medium severity issue Duplicate A valid issue that is a duplicate of an issue with `Has Duplicates` label labels May 12, 2024
@sherlock-admin2 sherlock-admin2 changed the title Bumpy Iron Penguin - Lack of proper cross-chain EIP-712 parameters could lead to wrong edges getting acknowledged. maushish - Lack of proper cross-chain EIP-712 parameters could lead to wrong edges getting acknowledged. May 12, 2024
@sherlock-admin2 sherlock-admin2 added the Non-Reward This issue will not receive a payout label May 12, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
Excluded Excluded by the judge without consulting the protocol or the senior Non-Reward This issue will not receive a payout Sponsor Disputed The sponsor disputed this issue's validity Won't Fix The sponsor confirmed this issue will not be fixed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@ccashwell @Hash01011122 @sherlock-admin2 @sherlock-admin3 @sherlock-admin4