Closed sherlock-admin4 closed 1 month ago
An ECDSA signature should never be used by a smart contract as part of a key meant to represent a unique signed action. This is unrelated to the permit functionality and is entirely the responsibility of the third party contract.
JuggerNaut63
High
Signature Malleability in _isValidSignature Function
Summary
The
_isValidSignature
function in the SDAO contract uses the built-in ecrecover function, which is susceptible to signature malleability. This vulnerability can allow attackers to manipulate signatures, potentially leading to unauthorized access and loss of funds.Vulnerability Detail
The
ecrecover
function is used to validate signatures. However, it is known to be vulnerable to signature malleability, meaning the same message can be signed in multiple ways. This can allow attackers to alter the signature without invalidating it, leading to potential security breaches. https://github.com/sherlock-audit/2024-06-makerdao-endgame/blob/main/endgame-toolkit/src/SDAO.sol#L343Impact
Code Snippet
https://github.com/sherlock-audit/2024-06-makerdao-endgame/blob/main/endgame-toolkit/src/SDAO.sol#L333-L358
Tool used
Manual Review
Recommendation
Replace
ecrecover
with ECDSA LibraryDuplicate of #8