Closed k06a closed 2 years ago
@k06a the functions in Account.sol are called via delegatecall by proxy account contracts. We need the domain separator to include the proxy account address, otherwise replay attacks are possible. The address(this) here https://github.com/brinktrade/brink-core/pull/30/files#diff-b56fb621b74da3c4dc71b48e24df782bbea726ad0ce58ef645b78d2461c85697L29 would be the address of the proxy account, but in the constructor it would be the address of the Account.sol deployed contract.
delegatecall
address(this)
@mikec agree, can have immutable CACHED_THIS and CACHED_CHAIN_ID and use this cached DONAIN_SEPARATOR only if address of this and chain_id match immutables. Same way as it now works in OpenZeppelin solidity library.
@k06a the functions in Account.sol are called via
delegatecall
by proxy account contracts. We need the domain separator to include the proxy account address, otherwise replay attacks are possible. Theaddress(this)
here https://github.com/brinktrade/brink-core/pull/30/files#diff-b56fb621b74da3c4dc71b48e24df782bbea726ad0ce58ef645b78d2461c85697L29 would be the address of the proxy account, but in the constructor it would be the address of the Account.sol deployed contract.