Closed i-stam closed 4 years ago
Are we all happy to add this in? @draganm @nostdm @jeffreybolle ?
That's probably the easiest solution - @i-stam do you want to add this to the execute method? I can review.
This has been addressed by this pull-request https://github.com/tokencard/contracts/pull/568
We have also solidified the code to ensure that the metatransaction was intended for the correct chain, via a chainID
In the current wallet version, relayed transactions can be replayed by the controller in other wallets that have the same owner. This requires that the owner possesses 2 different wallets and the controller gets compromised or is malicious. The transactions can also be replayed if a wallet is migrated to a future version. It can be mitigated by signing the current wallet address (address(this)) along with the nonce.