Pull request #44 introduces signature validator flow that allows contracts validate signatures for the account.
Specs define 2 possible flows validating signatures:
Default flow (validation by the account)
Validation Domain specific flow (validation by a signature validator)
To differentiate between these flows, a 4 bytes selector is prepended to the signed data. The validation flow is routed based on the the value of this selector.
A malicious actor can change this selector and change the routing of the validation flow.
This issue is created to evaluate the security impact of changed routing.
Pull request #44 introduces signature validator flow that allows contracts validate signatures for the account. Specs define 2 possible flows validating signatures:
To differentiate between these flows, a 4 bytes selector is prepended to the signed data. The validation flow is routed based on the the value of this selector.
A malicious actor can change this selector and change the routing of the validation flow.
This issue is created to evaluate the security impact of changed routing.