The usage of a cached DOMAIN_SEPARATOR present in the initializer of the GraphTokenUpgradeable contract may lead to replay attacks in the case of an eventual fork of the chain, since the cached domain separator is constructed with an initial chainId that isn't checked afterwards.
trust1995
commented
1 year ago
Lines of code
https://github.com/code-423n4/2022-10-thegraph/blob/main/contracts/l2/token/GraphTokenUpgradeable.sol#L161
Vulnerability details
Impact
The usage of a cached
DOMAIN_SEPARATORpresent in the initializer of theGraphTokenUpgradeablecontract may lead to replay attacks in the case of an eventual fork of the chain, since the cached domain separator is constructed with an initialchainIdthat isn't checked afterwards.Recommended Mitigation Steps
Compare the cached
chainIdtoblock.chainIdto use the cachedDOMAIN_SEPARATOR, seeEIP712in OZ contracts: https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/utils/cryptography/EIP712.sol#L70