Closed sherlock-admin4 closed 1 month ago
Signature re-use is not possible due to its inclusion in _isUsed
, and front-running isn't a concern for this as there's no value for an attacker to do so.
Escalate
This is a valid issue. The duplicate was accepted and is rewarded here: https://github.com/sherlock-audit/2024-04-titles-judging/issues/273
Escalate
This is a valid issue. The duplicate was accepted and is rewarded here: https://github.com/sherlock-audit/2024-04-titles-judging/issues/273
You've created a valid escalation!
To remove the escalation from consideration: Delete your comment.
You may delete or edit your escalation comment anytime before the 48-hour escalation window closes. After that, the escalation becomes final.
Agree with the escalation, planning to accept and duplicate with #273
Result: Medium Duplicate of #273
ComposableSecurity
medium
Message digest does not include the type of operation
Summary
Functions that are used to acknowledge and unacknowledge the edges in
TitlesGraph
contract use exactly the same digest when verifying the signature. That is because the digest does not include the value which states whether it is actually an acknowledge or unacknowledge.The attacker can front-run the user and use their signature to execute the opposite operation.
Vulnerability Detail
The functions that accept signature parameter, which are:
acknowledgeEdge(bytes32 edgeId_, bytes calldata data_, bytes calldata signature_)
andunacknowledgeEdge(bytes32 edgeId_, bytes calldata data_, bytes calldata signature_)
, use the same parameters to generate the message digest (that isbytes32 digest = _hashTypedData(keccak256(abi.encode(ACK_TYPEHASH, edgeId, data)));
).The same signature can be used to acknowledge and unacknowledge the edge. The attacker could front-run the transaction with a correct signature and execute another transaction with changed value and the same signature, resulting in the opposite operation.
Impact
The attacker can front-run the user and use the signature to unacknowledge the edge which is being acknowledged (and the opposite way).
Code Snippet
https://github.com/sherlock-audit/2024-04-titles/blob/main/wallflower-contract-v2/src/graph/TitlesGraph.sol#L40-L50
Tool used
Manual Review
Recommendation
Include the boolean value in the message digest (the
structHash
param of EIP712).Duplicate of #273