hats-finance / Palmera-0x5fee7541ddcd51ba9f4af606f87b2c42eea655be

Palmera hierarchical module

EIP-712 is not followed for `createDigestExecTx()` #7

Open hats-bug-reporter[bot] opened 1 week ago

hats-bug-reporter[bot] commented 1 week ago

Github username: @SB-Security
Twitter username: SBSecurity_
Submission hash (on-chain): 0x8aa19e4a23c9709801c91aaf4d7c18cda3d40b65fd01739a316276c304165842
Severity: medium

Description:
createDigestExecTx() does not hash execTransaction correctly.

Attack Scenario:
As per EIP-712, when a hash is computed, dynamic types like bytes should be encoded differently.

"The dynamic values bytes and string are encoded as a keccak256 hash of their contents."

Attachments:
You can read more here - https://eips.ethereum.org/EIPS/eip-712#definition-of-encodedata

  1. Proof of Concept (PoC) File

createDigestExecTx() should encode the `data` and `signatures` params when computing the hash.

```solidity
function createDigestExecTx(
    bytes32 domainSeparatorSafe,
    Transaction memory safeTx
) public view returns (bytes32) {
    bytes32 digest = _hashTypedDataV4(
        domainSeparatorSafe,
        keccak256(
            abi.encode(
                keccak256(
                    "execTransaction(address to,uint256 value,bytes data,Enum.Operation operation,uint256 safeTxGas,uint256 baseGas,uint256 gasPrice,address gasToken,address refundReceiver,bytes signatures)"
                ),
                safeTx.to,
                safeTx.value,
                safeTx.data,        // dynamic `bytes` passed raw; EIP-712 encodeData requires keccak256(safeTx.data)
                safeTx.operation,
                safeTx.safeTxGas,
                safeTx.baseGas,
                safeTx.gasPrice,
                safeTx.gasToken,
                safeTx.refundReceiver,
                safeTx.signatures   // same: should be keccak256(safeTx.signatures)
            )
        )
    );

    return digest;
}
```
  2. Revised Code File (Optional)
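Added example (not code from the Palmera repository or from the reporter): a Python script that builds the struct hash for the quoted `execTransaction` type string both ways, per EIP-712 encodeData (each `bytes` field replaced by `keccak256` of its contents, so the encoding is always 11 fixed 32-byte words) and the way `createDigestExecTx()` above does it (raw `bytes` fields handed to `abi.encode`, which emits an offset word in the head plus a length-prefixed, padded payload in the tail). The two struct hashes differ, which is the practical consequence of the finding: a wallet or library implementing `eth_signTypedData_v4` hashes per the spec, so its signatures will not verify against the contract's digest. Keccak-256 is implemented inline so the script runs offline; `SAMPLE_TX` is constructed data, and `typed_data_digest()` assumes the two-argument `_hashTypedDataV4` used by the contract builds the standard `keccak256("\x19\x01" || domainSeparator || structHash)`, which the issue does not show.

```python
# Added example, not code from the Palmera repository or the reporter. It hashes the
# execTransaction struct from the issue per EIP-712 encodeData (bytes -> keccak256(bytes))
# and the way the reported createDigestExecTx() does it (raw bytes into abi.encode).
# Keccak-256 is implemented inline so this runs offline; SAMPLE_TX is constructed data.

MASK = (1 << 64) - 1
RC = [0x0000000000000001, 0x0000000000008082, 0x800000000000808A, 0x8000000080008000,
      0x000000000000808B, 0x0000000080000001, 0x8000000080008081, 0x8000000000008009,
      0x000000000000008A, 0x0000000000000088, 0x0000000080008009, 0x000000008000000A,
      0x000000008000808B, 0x800000000000008B, 0x8000000000008089, 0x8000000000008003,
      0x8000000000008002, 0x8000000000000080, 0x000000000000800A, 0x800000008000000A,
      0x8000000080008081, 0x8000000000008080, 0x0000000080000001, 0x8000000080008008]
ROT = [[0, 36, 3, 41, 18], [1, 44, 10, 45, 2], [62, 6, 43, 15, 61],
       [28, 55, 25, 21, 56], [27, 20, 39, 8, 14]]  # rho rotation offsets, ROT[x][y]

def _rol(v, n):
    return ((v << n) | (v >> (64 - n))) & MASK if n else v

def _keccak_f(A):
    """Keccak-f[1600] over a 5x5 lane matrix A[x][y] (theta, rho, pi, chi, iota per round)."""
    for rc in RC:
        C = [A[x][0] ^ A[x][1] ^ A[x][2] ^ A[x][3] ^ A[x][4] for x in range(5)]
        D = [C[(x - 1) % 5] ^ _rol(C[(x + 1) % 5], 1) for x in range(5)]
        A = [[A[x][y] ^ D[x] for y in range(5)] for x in range(5)]
        B = [[0] * 5 for _ in range(5)]
        for x in range(5):
            for y in range(5):
                B[y][(2 * x + 3 * y) % 5] = _rol(A[x][y], ROT[x][y])
        A = [[B[x][y] ^ (~B[(x + 1) % 5][y] & B[(x + 2) % 5][y]) for y in range(5)] for x in range(5)]
        A[0][0] ^= rc
    return A

def keccak256(msg: bytes) -> bytes:
    """Ethereum keccak256: 1088-bit rate, original Keccak padding (0x01 ... 0x80), 32-byte output."""
    rate = 136
    buf = bytearray(msg) + b"\x01"
    buf += b"\x00" * (-len(buf) % rate)
    buf[-1] |= 0x80
    A = [[0] * 5 for _ in range(5)]
    for off in range(0, len(buf), rate):
        for i in range(rate // 8):  # lane i sits at x = i % 5, y = i // 5
            A[i % 5][i // 5] ^= int.from_bytes(buf[off + 8 * i:off + 8 * i + 8], "little")
        A = _keccak_f(A)
    return b"".join(A[i % 5][i // 5].to_bytes(8, "little") for i in range(4))

TYPE_STRING = ("execTransaction(address to,uint256 value,bytes data,Enum.Operation operation,"
               "uint256 safeTxGas,uint256 baseGas,uint256 gasPrice,address gasToken,"
               "address refundReceiver,bytes signatures)")
TYPE_HASH = keccak256(TYPE_STRING.encode())

SAMPLE_TX = {  # constructed values in type-string order; `data` mimics an ERC-20 transfer call
    "to": "0x1111111111111111111111111111111111111111", "value": 0,
    "data": bytes.fromhex("a9059cbb") + b"\x00" * 12 + b"\x22" * 20 + (10**18).to_bytes(32, "big"),
    "operation": 0, "safeTxGas": 0, "baseGas": 0, "gasPrice": 0,
    "gasToken": "0x" + "00" * 20, "refundReceiver": "0x" + "00" * 20,
    "signatures": b"\x01" * 65,
}

def word(v) -> bytes:
    """One 32-byte ABI word: big-endian uint, or a 0x-prefixed address left-padded with zeros."""
    return v.to_bytes(32, "big") if isinstance(v, int) else bytes.fromhex(v[2:]).rjust(32, b"\x00")

def encode_data_eip712(tx) -> bytes:
    """EIP-712 encodeData: typeHash, then exactly one word per field; each `bytes` field is keccak256(contents)."""
    return (TYPE_HASH + word(tx["to"]) + word(tx["value"]) + keccak256(tx["data"])
            + word(tx["operation"]) + word(tx["safeTxGas"]) + word(tx["baseGas"])
            + word(tx["gasPrice"]) + word(tx["gasToken"]) + word(tx["refundReceiver"])
            + keccak256(tx["signatures"]))

def abi_encode_as_reported(tx) -> bytes:
    """abi.encode(typeHash, to, value, data, ...) with the raw `bytes` fields, as in the reported code:
    each dynamic field contributes an offset word in the head plus length and padded payload in the tail."""
    items = [TYPE_HASH, tx["to"], tx["value"], ("bytes", tx["data"]), tx["operation"], tx["safeTxGas"],
             tx["baseGas"], tx["gasPrice"], tx["gasToken"], tx["refundReceiver"], ("bytes", tx["signatures"])]
    head, tail = b"", b""
    for v in items:
        if isinstance(v, tuple):
            head += word(32 * len(items) + len(tail))
            tail += word(len(v[1])) + v[1] + b"\x00" * (-len(v[1]) % 32)
        else:
            head += v if isinstance(v, bytes) else word(v)
    return head + tail

def struct_hash_eip712(tx) -> bytes:
    return keccak256(encode_data_eip712(tx))

def struct_hash_as_reported(tx) -> bytes:
    return keccak256(abi_encode_as_reported(tx))

def typed_data_digest(domain_separator: bytes, struct_hash: bytes) -> bytes:
    """Final EIP-712 digest a wallet signs (assumed to match _hashTypedDataV4): keccak256(0x1901 || domain || structHash)."""
    return keccak256(b"\x19\x01" + domain_separator + struct_hash)

if __name__ == "__main__":
    spec, reported = struct_hash_eip712(SAMPLE_TX), struct_hash_as_reported(SAMPLE_TX)
    print("encodeData per EIP-712:", len(encode_data_eip712(SAMPLE_TX)), "bytes; as reported:",
          len(abi_encode_as_reported(SAMPLE_TX)), "bytes")
    print("struct hashes equal:", spec == reported)  # False: a spec-following wallet signs a different digest
```

Run it with `python3`; `struct_hash_eip712()` is the value to compare against the output of an EIP-712 library. The Solidity fix follows directly from the encoding rule shown: pass `keccak256(safeTx.data)` and `keccak256(safeTx.signatures)` to `abi.encode` in place of the raw fields, which keeps the encoded struct at a fixed 11 words regardless of payload size.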
0xRizwan commented 1 week ago

duplicate of #6

alfredolopez80 commented 1 week ago

invalid, as mentioned in #6