Closed c4-bot-4 closed 6 months ago
raymondfam marked the issue as insufficient quality report
raymondfam marked the issue as duplicate of #10
This would require refactoring that might interfere with the intended logic if revert isn't allowed.
Starting from the same quote reported in the finding:
"If the account does not support signature aggregation, it MUST validate the signature is a valid signature of the userOpHash, and SHOULD return SIG_VALIDATION_FAILED (and not revert) on signature mismatch. Any other error MUST revert."
The protocol complies strictly with that statement:
- it returns 1, which is the value of SIG_VALIDATION_FAILED, as it SHOULD
- other errors do revert, as they MUST
- validUntil and validAfter are always 0, which is OK because the wallet's UserOperation does not allow specifying validity windows
3docSec marked the issue as unsatisfactory: Insufficient proof
Lines of code
https://github.com/code-423n4/2024-03-coinbase/blob/main/src/SmartWallet/CoinbaseSmartWallet.sol#L137-L167
Vulnerability details
Impact
When validating signatures, the validateUserOp function must always return SIG_VALIDATION_FAILED if signature validation fails.
According to EIP 4337 specifications: 'If the account does not support signature aggregation, it MUST validate the signature is a valid signature of the userOpHash, and SHOULD return SIG_VALIDATION_FAILED (and not revert) on signature mismatch. Any other error MUST revert.'
https://eips.ethereum.org/EIPS/eip-4337
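To make the spec requirement concrete, here is an added illustration (not code from the Coinbase Smart Wallet or from the ERC-4337 reference implementation): a minimal account whose validateUserOp reverts on a bad signature, beside one that returns SIG_VALIDATION_FAILED as the spec asks. The UserOperation struct, the owner field and the _recover helper are simplified assumptions for this example only.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Assumed stand-in for the ERC-4337 UserOperation struct; only the fields used here.
struct UserOperation {
    address sender;
    uint256 nonce;
    bytes signature;
}

// Value the EntryPoint interprets as "signature did not validate" (ERC-4337).
uint256 constant SIG_VALIDATION_FAILED = 1;

abstract contract AccountBase {
    address public owner; // single-key owner, assumed for the example

    // Hypothetical helper: recovers the signer of an EIP-191 prefixed userOpHash from a
    // 65-byte (r, s, v) signature. Returns address(0) for a malformed or unrecoverable input.
    function _recover(bytes32 userOpHash, bytes memory sig) internal pure returns (address) {
        if (sig.length != 65) return address(0);
        bytes32 r; bytes32 s; uint8 v;
        assembly {
            r := mload(add(sig, 32))
            s := mload(add(sig, 64))
            v := byte(0, mload(add(sig, 96)))
        }
        bytes32 digest = keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32", userOpHash));
        return ecrecover(digest, v, r, s);
    }
}

// Non-compliant pattern: a signature mismatch reverts. The EntryPoint/bundler simulation then
// sees a generic failure instead of the SIG_VALIDATION_FAILED signal the spec SHOULD return.
contract RevertingAccount is AccountBase {
    function validateUserOp(UserOperation calldata op, bytes32 userOpHash, uint256 /*missingAccountFunds*/)
        external view returns (uint256) {
        require(_recover(userOpHash, op.signature) == owner, "bad sig"); // reverts on mismatch
        return 0;
    }
}

// Compliant pattern: mismatch is reported via the return value; only unrelated errors revert.
// A real account would also restrict this to the EntryPoint and pay missingAccountFunds.
contract CompliantAccount is AccountBase {
    function validateUserOp(UserOperation calldata op, bytes32 userOpHash, uint256 /*missingAccountFunds*/)
        external view returns (uint256 validationData) {
        address signer = _recover(userOpHash, op.signature);
        if (signer == address(0) || signer != owner) return SIG_VALIDATION_FAILED; // signal, not revert
        return 0; // valid signature, no validUntil/validAfter window packed in
    }
}
```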
Proof of Concept
https://github.com/code-423n4/2024-03-coinbase/blob/main/src/SmartWallet/CoinbaseSmartWallet.sol#L137-L167
Tools Used
Recommended Mitigation Steps
change
by
Assessed type
Error