tokencard / contracts

The Consumer Contract Wallet
GNU General Public License v3.0

Relayed transactions can be replayed by controller in other wallets with the same owner #565

Closed i-stam closed 4 years ago

i-stam commented 4 years ago

In the current wallet version, relayed transactions can be replayed by the controller in other wallets that have the same owner. This requires that the owner possesses 2 different wallets and the controller gets compromised or is malicious. The transactions can also be replayed if a wallet is migrated to a future version. It can be mitigated by signing the current wallet address (`address(this)`) along with the nonce.

mischat commented 4 years ago

Are we all happy to add this in? @draganm @nostdm @jeffreybolle ?

nostdm commented 4 years ago

That's probably the easiest solution - @i-stam do you want to add this to the execute method? I can review.

mischat commented 4 years ago

This has been addressed by this pull-request https://github.com/tokencard/contracts/pull/568

mischat commented 4 years ago

We have also solidified the code to ensure that the metatransaction was intended for the correct chain, via a chainID.
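
The mitigation discussed in this thread, as an added Solidity sketch (not code from tokencard/contracts or from the linked pull request): it contrasts a digest over the nonce and call alone with one that also covers `block.chainid` and `address(this)`. The contract and function names, the digest layout and the raw 65-byte `r || s || v` signature format are assumptions made for the illustration.

```solidity
// SPDX-License-Identifier: GPL-3.0
pragma solidity ^0.8.5;

// Hypothetical sketch: every name here is an assumption, not the project's API.
contract RelayedWalletSketch {
    address public immutable owner;
    uint256 public relayNonce;

    constructor(address owner_) { owner = owner_; }

    receive() external payable {}

    // Replayable form, shown for comparison only: the digest is identical in
    // every wallet of the same owner that sits at the same nonce, so one
    // owner signature is accepted by all of them.
    function unboundDigest(uint256 nonce, address to, uint256 value, bytes memory payload)
        public pure returns (bytes32)
    {
        return keccak256(abi.encode(nonce, to, value, payload));
    }

    // Bound form: address(this) ties the signature to this wallet instance
    // (a migrated wallet has a new address), block.chainid to this chain.
    function boundDigest(uint256 nonce, address to, uint256 value, bytes memory payload)
        public view returns (bytes32)
    {
        return keccak256(abi.encode(block.chainid, address(this), nonce, to, value, payload));
    }

    // Called by the relayer; restricting who may relay is omitted here.
    function executeRelayed(uint256 nonce, address to, uint256 value,
                            bytes calldata payload, bytes calldata sig) external {
        require(nonce == relayNonce, "bad nonce");
        require(recover(boundDigest(nonce, to, value, payload), sig) == owner, "not signed by owner");
        relayNonce = nonce + 1; // consume the nonce before the external call
        (bool ok, ) = to.call{value: value}(payload);
        require(ok, "call failed");
    }

    // Assumed signature encoding: r (32 bytes) || s (32 bytes) || v (1 byte).
    function recover(bytes32 digest, bytes calldata sig) internal pure returns (address signer) {
        require(sig.length == 65, "bad signature length");
        signer = ecrecover(digest, uint8(sig[64]), bytes32(sig[0:32]), bytes32(sig[32:64]));
        require(signer != address(0), "invalid signature");
    }
}
```

With `unboundDigest`, two wallets deployed for the same owner and both at nonce `n` would verify the same signature; with `boundDigest`, the recovered signer differs from `owner` in any wallet or chain other than the one the owner signed for, so the replay fails the signature check.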