Signatures for CardTopupTrusted are usable after a chain fork
Summary
After a chain fork (and when the contract is deployed to new chains), reuse of signatures is possible.
Vulnerability Detail
Because the trusted party signatures that are used in CardTopupTrusted do not include a chain ID, they can be used after a chain fork on both chains. Furthermore, if the contract is ever deployed on another chain, they can also be used there.
Impact
See above, after a chain fork or a deployment on a new chain, it is still possible to use the signatures that were determined for the old chain. Furthermore, when the system is deployed on multiple chains, signing data that can only be used on one chain is not possible.
Lambda
medium
Signatures for CardTopupTrusted are usable after a chain fork
Summary
After a chain fork (and when the contract is deployed to new chains), reuse of signatures is possible.
Vulnerability Detail
Because the trusted party signatures that are used in
CardTopupTrusteddo not include a chain ID, they can be used after a chain fork on both chains. Furthermore, if the contract is ever deployed on another chain, they can also be used there.Impact
See above, after a chain fork or a deployment on a new chain, it is still possible to use the signatures that were determined for the old chain. Furthermore, when the system is deployed on multiple chains, signing data that can only be used on one chain is not possible.
Code Snippet
https://github.com/sherlock-audit/2022-10-mover/blob/main/cardtopup_contract/contracts/HardenedTopupProxy.sol#L1033
Tool used
Manual Review
Recommendation
It is strongly recommended (see also https://eips.ethereum.org/EIPS/eip-712) to include a chain ID in the signed data.
Duplicate of #42