Skip to content

Latest commit

 

History

History
80 lines (53 loc) · 3.47 KB

071.md

File metadata and controls

80 lines (53 loc) · 3.47 KB
Raw

Fantastic Wintergreen Tapir

Medium

Incorrect encoding of array values for EIP712 signatures.

Summary

According to the official EIP-712 specification (Link), arrays are classified as reference types. Unlike primitive types, their encoding involves a unique process. Specifically, the specification states:

Array values are encoded as the keccak256 hash of the concatenated encodeData of their elements (i.e., encoding SomeType[5] is identical to encoding a struct with five SomeType members).
Link

This emphasizes that arrays should be encoded as the keccak256 hash of their concatenated encoded elements. However, in the VVVVCTokenDistributor::_isSignatureValid(...) function, arrays are directly encoded, as seen below:

function _isSignatureValid(ClaimParams memory _params) private view returns (bool) {
    bytes32 digest = keccak256(
        abi.encodePacked(
            "\x19\x01",
            DOMAIN_SEPARATOR,
            keccak256(
                abi.encode(
                    CLAIM_TYPEHASH,
                    _params.kycAddress,
                    _params.projectTokenAddress,
@>                 _params.projectTokenProxyWallets,  // Incorrect encoding
@>                 _params.tokenAmountsToClaim,      // Incorrect encoding
                    _params.nonce,
                    _params.deadline
                )
            )
        )
    );

    address recoveredAddress = ECDSA.recover(digest, _params.signature);

    bool isSigner = recoveredAddress == signer;
    bool isExpired = block.timestamp > _params.deadline;
    return isSigner && !isExpired;
}

GitHub: Link

This implementation conflicts with the EIP-712 specification and could cause signature verification failures.

Root Cause

Incorrect encoding of array elements when generating the digest.

Internal pre-conditions

No response

External pre-conditions

No response

Attack Path

No response

Impact

Signature verification may fail, leading to potential denial-of-service (DoS) scenarios where valid claims are rejected.

PoC

The following resources illustrate the issue:

  1. https://mirror.xyz/jaredborders.eth/G2RP5XAfLbNZv01DXgxuzv_34bQF_PuO1X2u0Nhop9g
  2. https://ethereum.stackexchange.com/questions/125105/signing-an-array-whit-eth-signtypeddata-v4

Mitigation

The resources linked in the PoC section provide guidance on correctly encoding arrays in accordance with EIP-712 standards.

Here is an example from seaport contracts: https://github.com/ProjectOpenSea/seaport/blob/a62c2f8f484784735025d7b03ccb37865bc39e5a/reference/lib/ReferenceGettersAndDerivers.sol#L130