ECDSA's malleability can be used to create new signatures under specific conditions. This post explores how serious these attacks can be.
Tools Used
Recommended Mitigation Steps
The recommendation is to add an additional check for s:
// Upper bound for s: half the secp256k1 group order (n / 2).
uint256 constant MALLEABLE_VALUE_S = 0x7fffffffffffffffffffffffffffffff5d576e7357a4501ddfe92f46681b20a0;
// Custom error raised by the check below.
error InvalidS();
// Check for malleable value in s.
if (uint256(s) > MALLEABLE_VALUE_S) {
    revert InvalidS();
}
Lines of code
https://github.com/code-423n4/2023-01-ondo/blob/main/contracts/cash/kyc/KYCRegistry.sol#L100
Vulnerability details
Impact
Signature
Proof of Concept