This might result in signature malleability depending on which ECDSA version is used.
Proof of Concept
As already above described, the validatePaymasterUserOp function lays the first step for potential signature malleability due to it accepting a length of 64 as well. Depending on the used version of ECDSA.sol this will result in a potential vulnerability. We are aware that the deployment will most probably automatically use the fixed ECDSA.sol contract, however, if this codebase is ever forked with an older ECDSA.sol version, the vulnerability will occur, while this could be easily fixed. Hence the medium risk rating.
Tools Used
VSCode
Recommended Mitigation Steps
Consider limiting the sigLength acceptance to 65 in order to prevent potential signature malleabilities.
Lines of code
https://github.com/code-423n4/2023-01-biconomy/blob/main/scw-contracts/contracts/smart-contract-wallet/paymasters/verifying/singleton/VerifyingSingletonPaymaster.sol#L107
Vulnerability details
Impact
The
validatePaymasterUserOp
allows for both 64 and 65 sig lengths:require(sigLength == 64 || sigLength == 65, "VerifyingPaymaster: invalid signature length in paymasterAndData");
This might result in signature malleability depending on which ECDSA version is used.
Proof of Concept
As already above described, the
validatePaymasterUserOp
function lays the first step for potential signature malleability due to it accepting a length of 64 as well. Depending on the used version ofECDSA.sol
this will result in a potential vulnerability. We are aware that the deployment will most probably automatically use the fixedECDSA.sol
contract, however, if this codebase is ever forked with an olderECDSA.sol
version, the vulnerability will occur, while this could be easily fixed. Hence the medium risk rating.Tools Used
VSCode
Recommended Mitigation Steps
Consider limiting the
sigLength
acceptance to 65 in order to prevent potential signature malleabilities.