code-423n4 / 2022-05-rubicon-findings

Upgraded Q -> M from 203 [1656337578454] #487

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

Judge has assessed an item in Issue #203 as Medium risk. The relevant finding follows:

HickupHH3 commented 2 years ago
  1. Incorrect implementation of DOMAIN_SEPARATOR

     I confirmed with the sponsor that the v1 being appended after the separator was constructed was an attempt to help with future upgrades. However, the purpose of the DOMAIN_SEPARATOR is to actually ensure that signatures pre-upgrade are invalid post-upgrade. Users shouldn't be able to double spend - once on the old contract, and once on the new one. It looks like this behavior was done in the previous version of Rubicon as well. While no funds are at risk because the separator is used with a nonce that is currently kept at its same storage slot, there's nothing guaranteeing this for future upgrades, so it's best to fix the separator to use the actual token name.

dup of #38