Closed akshay-ap closed 2 months ago
Totals | |
---|---|
Change from base Build 9710052157: | -0.09% |
Covered Lines: | 391 |
Relevant Lines: | 403 |
Files with Coverage Reduction | New Missed Lines | % |
---|---|---|
contracts/SafeL2.sol | 5 | 0.0% |
Totals | |
---|---|
Change from base Build 9710052157: | -0.7% |
Covered Lines: | 386 |
Relevant Lines: | 403 |
Totals | |
---|---|
Change from base Build 9710052157: | 0.05% |
Covered Lines: | 391 |
Relevant Lines: | 403 |
Closing in favor of https://github.com/safe-global/safe-modules/pull/453
The context of the decision is:
Fixes #754
This PR enforces stricter checks on the signature length during verification. The `checkNSignatures` now checks that after completing the signature verification, the `offset` points to the end of the signature data. This ensures that no more bytes are present than required for the verification to work.

Without this change, currently there is no restriction on the length of the signature submitted for verification, due to which an attacker can possibly append additional bytes when using Safe + 4337 module and hit `verificationGasLimit`. This can cause Safe to pay more for verification than needed.

Note: A transaction will fail with `GS028` or `GS021` based on how signatures are submitted when signatures contain more approvals than the required threshold. Wallet and other applications have to consider this during error handling if relevant.

Changes in PR

`Safe` contract checks if signature data does not contain additional bytes data than required `GS028`
Codesize change
This PR
Main branch
Gas implications
TODO
Problem
If the signatures payload contains more approvals from owners than required `threshold`, the signature validation will fail. This is a breaking change for wallet
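
An added example, not part of the PR or the Safe code base: a Python model of the stricter length rule for the simple case where every signature is a 65-byte EOA signature (contract signatures with dynamic parts are not modeled), plus a wallet-side helper that trims surplus approvals before submission. All function names, the sample owner addresses and the dummy signatures are constructed for illustration.

```python
# Added example: simplified model, not the Safe contracts' Solidity.
SIG_LEN = 65  # one static signature: r (32 bytes) || s (32 bytes) || v (1 byte)


def strict_length_ok(signatures: bytes, threshold: int) -> bool:
    """Model of the stricter rule for EOA-only signatures: once `threshold`
    signatures are consumed, the offset must equal the blob length."""
    return len(signatures) == threshold * SIG_LEN


def describe_surplus(signatures: bytes, threshold: int) -> str:
    """Classify a blob for wallet-side error handling before submission."""
    extra = len(signatures) - threshold * SIG_LEN
    if extra < 0:
        return "too short"
    if extra == 0:
        return "exact"
    if extra % SIG_LEN == 0:
        return f"{extra // SIG_LEN} extra approval(s)"
    return f"{extra} trailing byte(s)"


def pack_for_threshold(approvals: dict[str, bytes], threshold: int) -> bytes:
    """Build a blob with exactly `threshold` signatures, ordered by owner
    address ascending (the order Safe expects), dropping surplus approvals."""
    if len(approvals) < threshold:
        raise ValueError("not enough approvals")
    for owner, sig in approvals.items():
        if len(sig) != SIG_LEN:
            raise ValueError(f"signature for {owner} is not {SIG_LEN} bytes")
    ordered = sorted(approvals, key=lambda a: int(a, 16))[:threshold]
    return b"".join(approvals[o] for o in ordered)


# Constructed sample data: three owners, dummy 65-byte signatures (v = 27).
APPROVALS = {
    "0x" + "cc" * 20: b"\x03" * 64 + b"\x1b",
    "0x" + "aa" * 20: b"\x01" * 64 + b"\x1b",
    "0x" + "bb" * 20: b"\x02" * 64 + b"\x1b",
}
```

With a threshold of 2, concatenating all three collected approvals is rejected by the model, while the blob from `pack_for_threshold` passes.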