Closed c4-submissions closed 12 months ago
raymondfam marked the issue as low quality report
raymondfam marked the issue as duplicate of #44
alex-ppg marked the issue as not a duplicate
Direct invocation of the PolicyValidator::isPolicySignatureValid
function is inconsequential as it is a non-mutating function (view
) and thus would not result in any side-effects.
Additionally, the signatures meant for the Gnosis Safe are discarded because they have already been validated by the Gnosis Safe itself; the PolicyValidator::isPolicySignatureValid
function is invoked as part of a Gnosis Wallet transaction execution flow which will validate the signatures properly.
alex-ppg marked the issue as unsatisfactory: Invalid
Lines of code
https://github.com/code-423n4/2023-10-brahma/blob/dd0b41031b199a0aa214e50758943712f9f574a0/contracts/src/core/PolicyValidator.sol#L156-L167 https://github.com/code-423n4/2023-10-brahma/blob/dd0b41031b199a0aa214e50758943712f9f574a0/contracts/src/core/PolicyValidator.sol#L100-L142
Vulnerability details
Impact
Loss of control and loss of funds for Safe owners. Their signatures are meant to authorize transactions, but the logic discards them and enables potential theft.
Proof of Concept
the signature validation in the provided code does not properly verify the chain of trust back to the safe owners. Here is a detailed explanation: The key part of the vulnerability is in the _decompileSignatures function:
This function is discarding the safe owners signatures and only returning the trusted validator's signature. Later in isPolicySignatureValid, it calls _decompileSignatures to extract the validator signature and only verifies that signature:
The key issues are:
Here is how an attack would work:
Tools Used
Manual
Recommended Mitigation Steps
_decompileSignatures should not discard safeSignature and isPolicySignatureValid should verify it contains valid safe owner signatures that match the discarded validatorSignature. A suggestive example:
This ensures the validator signature can only be considered valid if authorized by the safe owners, preventing the attack.
Assessed type
Other