In this function, the signed data doesn't include the chainId and because of this cross-chain replay attacks are possible.
Proof of Concept
According to EIP4337 standard to prevent replay attacks the signature should depend on chainId. But in these functions, chainId is not used.
A valid signature that was used on one chain could be copied by an attacker and propagated onto another chain.
Lines of code
https://github.com/Tapioca-DAO/tapioca-bar-audit/blob/master/contracts/markets/MarketERC20.sol#L251-L284
Vulnerability details
Impact
In
MarketERC20.sol
we have_permit()
function:In this function, the signed data doesn't include the
chainId
and because of this cross-chain replay attacks are possible.Proof of Concept
According to EIP4337 standard to prevent replay attacks the signature should depend on
chainId
. But in these functions,chainId
is not used. A valid signature that was used on one chain could be copied by an attacker and propagated onto another chain.Tools Used
Manual review
Recommended Mitigation Steps
Add
chainId
_permit()
functionstructHash
.Assessed type
Other