The validate function in the contract is vulnerable to signature malleability. When a signature is malleable, it means that it is possible to produce another valid signature for the same message
The validate function relies on the isValidSignatureNow method to verify that the provided signature is valid. However, this method does not check if a signature is non-malleable. This means that even after a signature has been marked as used, a different but still valid signature for the same message can be generated and used again.
/// Validate that the action has been completed successfully by constructing a payload and checking the signature against it
/// @inheritdoc AValidator
function validate(uint256 boostId, uint256 incentiveId, address claimant, bytes calldata claimData)
external
override
returns (bool)
{
if (msg.sender != _validatorCaller) revert BoostError.Unauthorized();
(BoostClaimData memory claim) = abi.decode(claimData, (BoostClaimData));
(SignerValidatorInputParams memory validatorData) =
abi.decode(claim.validatorData, (SignerValidatorInputParams));
bytes32 hash = hashSignerData(boostId, validatorData.incentiveQuantity, claimant, claim.incentiveData);
if (uint256(validatorData.incentiveQuantity) <= incentiveId) {
revert BoostError.InvalidIncentive(validatorData.incentiveQuantity, incentiveId);
}
if (!signers[validatorData.signer]) revert BoostError.Unauthorized();
// Mark the incentive as claimed to prevent replays
// checks internally if the incentive has already been claimed
_used.setOrThrow(hash, incentiveId); //@check-check for signature related issue here
// Return the result of the signature check
// no need for a sig prefix since it's encoded by the EIP712 lib
return validatorData.signer.isValidSignatureNow(hash, validatorData.signature);
}
The function computes a hash of the data and checks if the signature is valid. If valid, the hash is marked as used to prevent replay attacks. However, due to signature malleability, a different valid signature for the same message can bypass this check.
Impact
When a signature is malleable, it means that it is possible to produce another valid signature for the same message
AresAudits
Medium
Signature Malleability Issue in validate Function
Summary
The validate function in the contract is vulnerable to signature malleability. When a signature is malleable, it means that it is possible to produce another valid signature for the same message
duplicate of https://github.com/sherlock-audit/2024-04-titles-judging/issues/279
Vulnerability Detail
The
validatefunction relies on theisValidSignatureNowmethod to verify that the provided signature is valid. However, this method does not check if asignatureis non-malleable. This means that even after a signature has been marked as used, a different but still valid signature for the same message can be generated and used again.The function computes a hash of the data and checks if the signature is valid. If valid, the hash is marked as used to prevent replay attacks. However, due to signature malleability, a different valid signature for the same message can bypass this check.
Impact
When a signature is malleable, it means that it is possible to produce another valid signature for the same message
Code Snippet
https://github.com/sherlock-audit/2024-06-boost-aa-wallet/blob/78930f2ed6570f30e356b5529bd4bcbe5194eb8b/boost-protocol/packages/evm/contracts/validators/SignerValidator.sol#L50C4-L75C6
Tool used
Manual Review
Recommendation