Open c4-bot-5 opened 6 months ago
M-11: Protocol does not implement EIP712 correctly on multiple occasions
PR-2: properly implementing eip-712
All the suggested mitigations were implemented on the PR correctly:
abi.encodePacked
rentalOrderTypeHash
keccak256(hook.extraData)
_deriveHookHash()
orderType
emittedExtraData
rentalWallet
Ref: EIP-712
Successful Mitigation
gzeon-c4 marked the issue as satisfactory
gzeon-c4 marked the issue as confirmed for report
Lines of code
Vulnerability details
C4 Issue
M-11: Protocol does not implement EIP712 correctly on multiple occasions
Mitigation
PR-2: properly implementing eip-712
All the suggested mitigations were implemented on the PR correctly:
abi.encodePacked
when calculating therentalOrderTypeHash
keccak256(hook.extraData)
when calculating_deriveHookHash()
orderType
,emittedExtraData
,rentalWallet
)Ref: EIP-712
Conclusions
Successful Mitigation