hats-finance / Proof-Of-Humanity-V2-0xef0709445d394a22704850c772a28a863bb780b0

Proof of Humanity Protocol v2

Signature Malleability in Signature Verification Using ecrecover #26

Open hats-bug-reporter[bot] opened 2 months ago

hats-bug-reporter[bot] commented 2 months ago

Github username: --
Twitter username: dod4ufn
Submission hash (on-chain): 0x28e7489aaa6f851dab0f1ef245b5887370a9d7572b54056fe109248e2e373a35
Severity: low

Description: The code uses the native ecrecover function to verify the given signatures. However, the ecrecover() opcode allows malleable (non-unique) signatures and thus is susceptible to replay attacks.

This issue has been successfully submitted in other contests and considered a valid low.

Reference: https://code4rena.com/reports/2022-11-non-fungible#n-11-stop-using-v--27--v--28-or-v--27--v--28

1. Proof of Concept (PoC)

```solidity
// Normalise v to 27/28, then recover the signer. s is not bounded, so
// both (r, s) and (r, n - s) are accepted for the same hash.
if (v < 27) v += 27;
require(v == 27 || v == 28, "Invalid signature");

// Recover the signer's address.
voucherAddress = ecrecover(hash, v, r, s);
```

2. Revised Code

Use the ecrecover function from OpenZeppelin's ECDSA library for signature verification. (Ensure you use a version > 4.7.3, as there was a critical bug in >= 4.1.0 < 4.7.3.)
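An added illustration of the point above, not code from the Proof of Humanity repository or the reporter: the report's ecrecover call beside a form that rejects the malleable high-s twin of each signature. The contract name, function names and the `HALF_N` constant (the secp256k1 group order n divided by 2, the bound OpenZeppelin's ECDSA library enforces) are assumptions for this example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Hypothetical contract for illustration only (not Proof of Humanity code).
contract VoucherSigCheck {
    // secp256k1 order n divided by 2. Every ECDSA signature (r, s) has a twin
    // (r, n - s) with v flipped that recovers to the same key; accepting only
    // s <= n/2 leaves exactly one valid encoding per (signer, hash).
    uint256 private constant HALF_N =
        0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0;

    /// As in the report: v is normalised, but both s and n - s are accepted.
    function recoverMalleable(bytes32 hash, uint8 v, bytes32 r, bytes32 s)
        public pure returns (address)
    {
        if (v < 27) v += 27;
        require(v == 27 || v == 28, "Invalid signature");
        // ecrecover returns address(0) on failure; that is not checked here.
        return ecrecover(hash, v, r, s);
    }

    /// Hardened form: same recovery, plus a low-s bound and a zero-address
    /// check, which is what OpenZeppelin's ECDSA.recover does internally.
    function recoverStrict(bytes32 hash, uint8 v, bytes32 r, bytes32 s)
        public pure returns (address signer)
    {
        if (v < 27) v += 27;
        require(v == 27 || v == 28, "Invalid signature");
        require(uint256(s) <= HALF_N, "Invalid signature 's' value");
        signer = ecrecover(hash, v, r, s);
        require(signer != address(0), "Invalid signature");
    }
}
```

The low-s bound only matters where something is keyed by the signature bytes themselves (for example a "signature already used" set); a vouch that stays valid until its expiry no matter how often it is presented gains nothing from a second encoding of the same signature.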

clesaege commented 2 months ago

Vouches last until their expiration period. They can and should be able to be used multiple times.