code-423n4 / 2023-01-ondo-findings


Malleable value in S #302

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-01-ondo/blob/main/contracts/cash/kyc/KYCRegistry.sol#L100

Vulnerability details

Impact

Signature

Proof of Concept

ECDSA's malleability can be used to create new signatures under specific conditions. This post explores how serious these attacks can be.

Tools Used

Recommended Mitigation Steps

Recommendation is to add an additional check for S:

uint256 constant MALLEABLE_VALUE_S = 0x7fffffffffffffffffffffffffffffff5d576e7357a4501ddfe92f46681b20a0;

// Check for malleable value in s.
if (uint256(s) > MALLEABLE_VALUE_S) {
    revert InvalidS();
}
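As an added illustration of the low-s check recommended in this finding (example code, not from the report or the Ondo contracts), the Python below parses a 65-byte Ethereum (r, s, v) signature, applies the half-order bound, and shows that the second encoding of the same signature, (r, n - s) with v flipped, fails the check. The sample r and s bytes are constructed and are not a real signature over any message.

```python
# secp256k1 group order n; the half-order is the bound used by the low-s check.
SECP256K1_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
MALLEABLE_VALUE_S = SECP256K1_N // 2  # 0x7fff...5d576e7357a4501ddfe92f46681b20a0


def parse_signature(sig: bytes):
    """Split a 65-byte Ethereum signature into integers (r, s) and recovery id v."""
    if len(sig) != 65:
        raise ValueError("signature must be 65 bytes (r || s || v)")
    r = int.from_bytes(sig[:32], "big")
    s = int.from_bytes(sig[32:64], "big")
    v = sig[64]
    return r, s, v


def is_canonical(sig: bytes) -> bool:
    """Accept only the low-s encoding: 0 < r, s < n, s <= n/2, v in {27, 28}."""
    r, s, v = parse_signature(sig)
    if r == 0 or r >= SECP256K1_N or s == 0 or s >= SECP256K1_N:
        return False
    if s > MALLEABLE_VALUE_S:  # the check the finding asks for
        return False
    return v in (27, 28)


def malleate(sig: bytes) -> bytes:
    """Return the other valid encoding of the same signature: (r, n - s, flipped v)."""
    r, s, v = parse_signature(sig)
    s2 = SECP256K1_N - s
    v2 = 28 if v == 27 else 27  # negating s flips the recovered point's y parity
    return r.to_bytes(32, "big") + s2.to_bytes(32, "big") + bytes([v2])


# Constructed sample (hypothetical r and s, low-s form, v = 27); not a real signature.
SAMPLE_R = int.from_bytes(b"\x11" * 32, "big")
SAMPLE_S = int.from_bytes(b"\x22" * 32, "big")
SAMPLE_SIG = SAMPLE_R.to_bytes(32, "big") + SAMPLE_S.to_bytes(32, "big") + bytes([27])

if __name__ == "__main__":
    twin = malleate(SAMPLE_SIG)
    print("original canonical:", is_canonical(SAMPLE_SIG))  # True
    print("malleated canonical:", is_canonical(twin))       # False
    print("same signature bytes:", twin == SAMPLE_SIG)      # False
```

Both encodings recover the same signer, so a contract that keys replay protection on the signature bytes (or their hash) rather than on a nonce accepts the second encoding unless s is bounded as shown.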
c4-judge commented 1 year ago

trust1995 marked the issue as unsatisfactory: Invalid