aave / aave-v3-core

This repository contains the core smart contracts of the Aave V3 protocol.
https://aave.com

Adaptive domain separator #163

Closed LHerskind closed 3 years ago

LHerskind commented 3 years ago

Identified by: Trail of Bits

Scope: The AToken, VariableDebtToken, StableDebtToken and DebtTokenBase all write a DOMAIN_SEPERATOR to storage when initialized, and then read it when used in the permit function. In the event of a hard fork post-deployment, the chainID is not updated and a valid signature for one chain could be replayed on the other.

To circumvent this issue, we can generate the DOMAIN_SEPERATOR at verification time with the current chainID. Through this change, the signature will only be valid on its intended domain (assuming chainID will differ between the chains).

Issue pointed out by Trail of Bits.
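The difference between a separator written once at initialization and one built at verification time, as an added example that is not code from this repository or from the fix branch. The contract name, the `Approval` type string, the "Example"/"1" domain values and all function names are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration; every name here is hypothetical, not the protocol's own.
contract AdaptiveDomainExample {
    bytes32 private constant DOMAIN_TYPEHASH =
        keccak256("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)");
    // Hypothetical message type, used only by this example.
    bytes32 private constant APPROVAL_TYPEHASH =
        keccak256("Approval(address owner,address spender,uint256 value,uint256 nonce,uint256 deadline)");

    // "Before" pattern: the separator is fixed at deployment, so it keeps the
    // deployment-time chain id on both sides of a later hard fork.
    bytes32 public immutable storedSeparator;
    mapping(address => uint256) public nonces;

    constructor() {
        storedSeparator = currentSeparator();
    }

    // "After" pattern: rebuild the separator from the chain id seen right now.
    function currentSeparator() public view returns (bytes32) {
        return keccak256(abi.encode(
            DOMAIN_TYPEHASH,
            keccak256(bytes("Example")),
            keccak256(bytes("1")),
            block.chainid,
            address(this)
        ));
    }

    // True once block.chainid differs from the value captured at deployment.
    function storedSeparatorIsStale() external view returns (bool) {
        return storedSeparator != currentSeparator();
    }

    // Accepts a signature only if it was made over the current chain's domain.
    function checkSignature(address owner, address spender, uint256 value, uint256 deadline,
                            uint8 v, bytes32 r, bytes32 s) external {
        require(block.timestamp <= deadline, "expired");
        bytes32 structHash = keccak256(abi.encode(
            APPROVAL_TYPEHASH, owner, spender, value, nonces[owner], deadline));
        // Using storedSeparator here instead would accept the same signature on both forks.
        bytes32 digest = keccak256(abi.encodePacked("\x19\x01", currentSeparator(), structHash));
        address signer = ecrecover(digest, v, r, s);
        require(signer != address(0) && signer == owner, "bad signature");
        nonces[owner]++; // consume the nonce so the signature cannot be reused on this chain
    }
}
```

Recomputing on every call costs an extra hash per verification; a contract can keep the stored value as a cache and rebuild only when `block.chainid` no longer matches the chain id recorded alongside it.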

foodaka commented 3 years ago

Reported: Trail of Bits. Week1 Audit Report Section 2 Lack of chainID validation allows reuse of signatures across forks

foodaka commented 3 years ago

references https://github.com/aave/aave-v3-core/tree/fix/163-adaptive-domain-seperator