Closed sherlock-admin closed 2 years ago
ctf_sec
medium
the nonce is missing the signature schema in Factory.sol so the signature can be reused.
the current signature can be reused to execute transactions in Factory.sol
because the signature schema is not using nonce.
signedOnly( abi.encodePacked(msg.sender, templateName, initdata), signature )
the signature data only includes msg.sender, templateName, initData, not nonce.
the current signature can be reused to execute transactions
https://github.com/sherlock-audit/2022-10-nftport/blob/main/evm-minting-master/contracts/Factory.sol#L163-L177
https://github.com/sherlock-audit/2022-10-nftport/blob/main/evm-minting-master/contracts/Factory.sol#L537-L543
Manual Review
We recommend the project add nonce in the signature schema and increment the nonce to make sure the signature cannot be reused.
Duplicate of #106
ctf_sec
medium
Nonce is missing the signature schema in Factory.sol so signature can be reused.
Summary
the nonce is missing the signature schema in Factory.sol so the signature can be reused.
Vulnerability Detail
the current signature can be reused to execute transactions in Factory.sol
because the signature schema is not using nonce.
the signature data only includes msg.sender, templateName, initData, not nonce.
Impact
the current signature can be reused to execute transactions
Code Snippet
https://github.com/sherlock-audit/2022-10-nftport/blob/main/evm-minting-master/contracts/Factory.sol#L163-L177
https://github.com/sherlock-audit/2022-10-nftport/blob/main/evm-minting-master/contracts/Factory.sol#L537-L543
Tool used
Manual Review
Recommendation
We recommend the project add nonce in the signature schema and increment the nonce to make sure the signature cannot be reused.
Duplicate of #106