0age
commented
1 year ago contested, check is in _assertValidSignature
Closed code423n4 closed 1 year ago
0age
commented
1 year ago contested, check is in _assertValidSignature
c4-judge
commented
1 year ago HickupHH3 marked the issue as unsatisfactory: Insufficient quality
Lines of code
https://github.com/ProjectOpenSea/seaport/blob/5de7302bc773d9821ba4759e47fc981680911ea0/contracts/lib/Verifiers.sol#L71
Vulnerability details
Impact
The _verifySignature function checks if the provided signature is valid by calling the internal function _assertValidSignature. However, if the signature is not valid, the function does not handle the case and continues with the execution, this could lead to unexpected behavior.
Proof of Concept
possible attack would be for an attacker to provide an invalid signature to the _verifySignature function. Since the function does not handle the case where the signature is not valid, it would continue with the execution and potentially allow the attacker to execute the order even though it should not be.
For example, consider an order that is supposed to be executed by the offerer of the order after signing the orderhash. In this case, an attacker can provide a different address as the offerer and a fake signature for the orderhash to the _verifySignature function and the function will not handle the case, it will continue with the execution and potentially allow the attacker to execute the order even though they are not the offerer.
Tools Used
vs code
Recommended Mitigation Steps
To fix this issue, the code should include a check to ensure that the provided signature is valid. If the signature is not valid, the function should revert the transaction and return an error message.