Signature replay in `GraphTokenUpgradeable.permit`

[code423n4]

Lines of code

https://github.com/code-423n4/2022-10-thegraph/blob/309a188f7215fa42c745b136357702400f91b4ff/contracts/l2/token/GraphTokenUpgradeable.sol#L86

Vulnerability details

Impact

DOMAIN_SEPARATOR is not refreshed if the network changed.

Proof of Concept

During a network fork, the chain id will change, for that reason the code should check if the chain id is the same as the stored one, otherwise, it will take the stored DOMAIN_SEPARATOR instead of use the new one. This will deal in a signature replay use, because in the two networks the DOMAIN_SEPARATOR will be the same.

Poc:

• Ethereum suffer a fork to ethereum classic.
• Alice permit something to bob in ethereum.
• Bob will permit the same in the two networks.

Note: that the contract is updatable, it will help to fix the problem (after the hack), not before this problem was known, and it's not know because it hasn't been fixed before.

Recommended Mitigation Steps

• Use EIP712

[trust1995]

Dup of #277

[0xean]

downgrading to match dupe of #277

[0xean]

M seems correct severity based on external requirements (fork) and the graph wanting to support its token on both networks.

[pcarranzav]

Should this be closed as it is a dupe of #277?