31 matches found
EVM Elliptic Curve Recovery Discrepancy
Lines of code Vulnerability details Impact The Ecrecover.yul file meant to simulate the ecrecover mechanism as executed by traditional ETH 1.0 consensus mechanisms is incorrect. In detail, it does not conform to the "Homestead" update which introduced an upper-bound check for s values of an r, s,...
## [H-02] Return value of 0 from ecrecover not checked
Lines of code Vulnerability details Impact The solidity function ecrecover is used, however the error result of 0 is not checked for. See documentation: "recover the address associated with the public key from elliptic curve signature or return zero on error. " Now you can supply invalid input...
incorrect message signer check in ecrecover() and no validation for oracleSigner which would cause all the unsigned messagess to be considered asvalid ones
Lines of code Vulnerability details Impact address oracleSigner has been used to verify signed messages by comparing the return value of ecrecover by oracleSigner. but the return value of ecrecover would be 0x0 and code doesn't check that return value is not 0x0. if owner set oracleSigner as 0x0 ...
Holograph contracts can be deployed by any user successfully through user-crafted signature and signer input
Lines of code Vulnerability details Impact HolographFactory.deployHolographableContract deploys holographable smart contract by accepting config, signature and signer inputs. Due to user input signer passed by the caller, it is possible for signature verification to pass by using the known signer...
No check if 'ecrecover()' fails
Lines of code Vulnerability details Impact addMember function makes a call to 'ecrecover' to grab the 'community owner' & 'new member'. The problem is that if 'ecrecover' fails it will return a 0 which is currently not guarded against. This was a problem in the famous Polygon Matic token bug. The...
Direct usage of ecrecover allows signature malleability
Lines of code Vulnerability details Impact The permit function of ERC20Permit calls the Solidity ecrecover function directly to verify the given signatures. However, the ecrecover EVM opcode allows malleable non-unique signatures and thus is susceptible to replay attacks. This can leads to permit...
lockWithPermit() function allows for replay attacks and signature malleability
Handle jayjonah8 Vulnerability details Impact In XDEFIDistribution.sol the lockWithPermit function calls permit on the XDEFI token. The problem with simply using permit alone for this is the message that is signed by the owner using the ECDSA algorithm. The message only contains the receiver...
return value of 0 from ecrecover not checked
Handle gpersoon Vulnerability details Impact The solidity function ecrecover is used, however the error result of 0 is not checked for. See documentation: "recover the address associated with the public key from elliptic curve signature or return zero on error. " Now you can supply invalid input...
Missing zero address check for ecrecover will validate invalid signatures
Handle 0xRajeev Vulnerability details Impact Solidity’s ecrecover returns 0 if signature is invalid. The Sig.sol library does not perform zero address check on ecrecover’s return value and returns it as-is. The validOrderHash function in Swivel which uses Sig.recover compares its return value...
functions permit and permitAll can be tricked by an invalid signature
Handle pauliax Vulnerability details Impact When the signature is not valid, ecrecover returns empty 0x0 address. There is a potential check against that: require recoveredAddress != address0 && recoveredAddress == owner || isApprovedForAllownerrecoveredAddress, "INVALIDPERMITSIGNATURE" ; However...
Beebots.TradeValid() Will Erroneously Return True When Maker Is Set To Address(0) and makerIds Are Set To The TokenIds of Unminted Beebot NFTs
Handle jvaqa Vulnerability details Impact Beebots.TradeValid Will Erroneously Return True When Maker Is Set To Address0 and makerIds Are Set To The TokenIds of Unminted Beebot NFTs Beebots.verify Returns True No Matter What Signature Is Given When Signer Is Set To address0. This means that...