OZ signature checker

[RonTuretzky]

as @bagelface wrote

might consider using OZ SignatureChecker since it supports ERC-1271 smart contract signatures which could be very important considering the very likely possibility that some votes will be cast via multisig contracts.

https://docs.openzeppelin.com/contracts/5.x/api/utils#SignatureChecker

• [ ] Implement signature checker standard
• [ ] Create tests for signature passing

[bagelface]

There is currently a minor vulnerability with the signature checker in that it only requires percentages in the signature. This means that the same signature can be replayed multiple times, so a users percentages can be reset using any valid signature. To prevent this, the signature should encode a timestamp after which the signature is no longer valid OR use a nonce.

[RonTuretzky]

There is currently a minor vulnerability with the signature checker in that it only requires percentages in the signature. This means that the same signature can be replayed multiple times, so a users percentages can be reset using any valid signature. To prevent this, the signature should encode a timestamp after which the signature is no longer valid OR use a nonce.

Removed this feature on the dev branch