checkSignature modifier does not consider block.chainid
Summary
In the TitlesGraph.checkSignature modifier, it checks the signature without the block.chainID, which means an attacker can use the same signature on another chain.
Vulnerability Detail
In the TitlesGraph.checkSignature modifier, it checks the signature with edgeId, data and signature parameters.
This modifier does not consider block.chainID, so attacker can pass this modifier with variables: edgeId, data and signature which is used in another chain.
Impact
The attacker, who is not the creator or the entity of edges[edgeId_].to can change the edge's acknowledged status.
KupiaSec
medium
checkSignature
modifier does not considerblock.chainid
Summary
In the TitlesGraph.checkSignature modifier, it checks the signature without the block.chainID, which means an attacker can use the same signature on another chain.
Vulnerability Detail
In the
TitlesGraph.checkSignature
modifier, it checks the signature withedgeId
,data
andsignature
parameters.https://github.com/sherlock-audit/2024-04-titles/blob/d7f60952df22da00b772db5d3a8272a988546089/wallflower-contract-v2/src/graph/TitlesGraph.sol#L40
This modifier does not consider
block.chainID
, so attacker can pass this modifier with variables:edgeId
,data
andsignature
which is used in another chain.Impact
The attacker, who is not the creator or the entity of
edges[edgeId_].to
can change the edge'sacknowledged
status.Tool used
Manual Review
Code Snippet
https://github.com/sherlock-audit/2024-04-titles/blob/d7f60952df22da00b772db5d3a8272a988546089/wallflower-contract-v2/src/graph/TitlesGraph.sol#L34C1-L50C6
Recommendation
Duplicate of #284