block.chainid may change in case of a hardfork

[code423n4]

Handle

defsec

Vulnerability details

Impact

The 'DOMAIN_SEPARATOR' is not recalculated in the case of a hard fork. The variable DOMAIN_SEPARATOR in contract UniswapV2ERC20 (https://github.com/code-423n4/2021-11-vader/blob/607d2b9e253d59c782e921bfc2951184d3f65825/contracts/external/UniswapV2ERC20.sol#L26) is cached in the contract storage and will not change after being initialized. However, if a hard fork happens after the contract deployment, the domain would become invalid on one of the forked chains due to the block.chainid has changed.

A similar issue was reported in a previous contest and was assigned a severity of low: code-423n4/2021-06-realitycards-findings#166

Tools Used

Code Review

Recommended Mitigation Steps

As an solution that you may consider applying is from Sushi Trident: https://github.com/sushiswap/trident/blob/concentrated/contracts/pool/concentrated/TridentNFT.sol#L47-L62

[SamSteinGG]

This finding relates to a test file.