Builder can reduce his debt more than expected by replaying signature

Lines of code Vulnerability details Impact A builder can, after it convened with the lender and an external agent to reduce his debt through escrow, reuse the signature and pass it again to escrow many times. This allows him to reduce his debt more than expected, leaving the lender at a loss. Pro...

Community's escrow allows for signature replay

Lines of code Vulnerability details checkSignatureValidity verification by signature do not utilize nonces and can be tricked by using owner / builder signatures from earlier calls. Namely, while checkSignatureValidity's approvedHashes based way can used only once as it deletes the corresponding...