Description:
The ecrecover function can return a valid address from a malformed signature (one that has been subtly altered but is still valid under the secp256k1 curve used in Ethereum). This can lead to issues where an attacker could manipulate a transaction signature to deceive a contract into accepting it as authentic, despite it being tampered with.
Attack Scenario
Describe how the vulnerability can be exploited.
Attachments
```solidity
function processAndSortSignatures(
    bytes32 dataHash,
    bytes memory signatures,
    address[] memory owners
) internal pure returns (bytes memory) {
    // ... (lines omitted in the submission; v, r, s and signer come from the omitted part)
        // "eth_sign_flow" signatures are specified as v > 30 and are handled differently
        // if not handle like EOA signature
        (uint8 v1, bytes32 hashData) = v > 30
            ? (
                v - 4,
                keccak256(
                    abi.encodePacked(
                        "\x19Ethereum Signed Message:\n32", dataHash
                    )
                )
            )
            : (v, dataHash);
        // No bounds check on s or v1, and the result is not compared with address(0)
        signer = ecrecover(hashData, v1, r, s);
    }
    return concatenatedSignatures;
}
```
Github username: --
Twitter username: SBSecurity_
Submission hash (on-chain): 0x6f8e9bab3338f79b8ce97d73ab1eb7d84b01ee26a63c0fbb2787a1526d06178e
Severity: low
Attachments
Use ECDSA - https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/utils/cryptography/ECDSA.sol
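
The checks that the recommended ECDSA library applies, written out for the `v > 30` flow in the excerpt above. This is an added example, not the audited project's code and not part of the submission; the library name `StrictRecover`, the function `recoverSigner` and the error names are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added example: strict wrapper around the ecrecover precompile.
library StrictRecover {
    // Half of the secp256k1 group order n. For every valid (r, s), the pair
    // (r, n - s) with the other recovery id is also valid for the same signer,
    // so only the lower half of the s range is accepted (the rule OpenZeppelin's
    // ECDSA library enforces).
    uint256 internal constant HALF_N =
        0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0;

    error HighS();
    error BadV(uint8 v);
    error InvalidSignature();

    /// @param dataHash 32-byte digest the owner approved
    /// @param v recovery id; v > 30 marks the "eth_sign_flow" as in the excerpt
    /// @param r first half of the signature
    /// @param s second half of the signature
    function recoverSigner(bytes32 dataHash, uint8 v, bytes32 r, bytes32 s)
        internal
        pure
        returns (address signer)
    {
        // Reject the second, "mirrored" encoding of a signature.
        if (uint256(s) > HALF_N) revert HighS();

        bytes32 digest = dataHash;
        if (v > 30) {
            // eth_sign flow: undo the +4 offset and hash with the message prefix.
            v -= 4;
            digest = keccak256(
                abi.encodePacked("\x19Ethereum Signed Message:\n32", dataHash)
            );
        }
        // After normalisation only 27 and 28 are meaningful recovery ids.
        if (v != 27 && v != 28) revert BadV(v);

        signer = ecrecover(digest, v, r, s);
        // ecrecover returns address(0) instead of reverting on a bad signature.
        if (signer == address(0)) revert InvalidSignature();
    }
}
```

Rejecting high `s` leaves one accepted encoding per signature, so a signature hash can safely be used as a replay or uniqueness key.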