code-423n4 / 2023-07-moonwell-findings


[M] Signature malleability in mintWithPermit due to lack of checks on v, r and s #293

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-07-moonwell/blob/fced18035107a345c31c9a9497d0da09105df4df/src/core/MErc20Delegator.sol#L97

Vulnerability details

Impact

Lack of checks on the V, R & S signature values allows for signature malleability.

Proof of Concept

A user (the token holder) generates a valid permit signature for a specific message that permits the mintWithPermit function to execute a token minting operation on their behalf.

The user submits the transaction to the contract with the valid permit signature.

However, an attacker intercepts this transaction before it gets included in a block. The attacker modifies the signature in such a way that the new signature is different from the original, but it is still considered valid for the same message.

The attacker resubmits the transaction with the modified signature to the contract.

If the receiving contract does not properly validate the signatures, it might mistakenly treat the modified signature as a valid permit and proceed with the minting operation.

Tools Used

Manual Review

Recommended Mitigation Steps

https://eips.ethereum.org/EIPS/eip-2612

According to the EIP-2612 standard, the signature parameters v, r, and s should be checked.

Assessed type

Invalid Validation

c4-pre-sort commented 1 year ago

0xSorryNotSorry marked the issue as duplicate of #338

c4-judge commented 1 year ago

alcueca marked the issue as unsatisfactory: Out of scope