The deployProxyAndDistributeBySignature function in the contract is susceptible to replay attacks because the signed message contains no nonce or other unique identifier. An attacker who obtains one valid signature can reuse it to execute the function multiple times, even after the context has changed.
The deployProxyAndDistributeBySignature function uses an ECDSA signature to authenticate the caller's address. However, because the signed message does not include a nonce or unique identifier, it has no protection against replay. The following code snippet illustrates this issue:
The function generates a digest from the provided parameters and compares the recovered address with the organizer's address to validate the signature. However, due to the absence of a nonce or unique identifier, an attacker could capture a valid signature for a transaction and replay it later, potentially causing unintended consequences.
Exploiting this vulnerability could let an attacker repeatedly execute the deployProxyAndDistributeBySignature function even after the original context or conditions have changed. This could result in multiple proxy deployments and prize distributions for a single contest, leading to misallocation of funds and disruption of the intended contract behavior.
Manual review
Include a nonce or unique identifier in the message that is signed. This ensures that each signature corresponds to a specific transaction and prevents replaying the same signature in different contexts.
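As an added illustration (not the project's own code), the following hypothetical Solidity contract shows the recommended shape: the nonce and a deadline are folded into an EIP-712 typed-data digest, and consumed nonces are recorded before any effects. The parameter list, typehash, names and the OpenZeppelin imports are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {ECDSA} from "@openzeppelin/contracts/utils/cryptography/ECDSA.sol";
import {EIP712} from "@openzeppelin/contracts/utils/cryptography/EIP712.sol";

/// Hypothetical replay-safe variant of the signed deploy-and-distribute flow.
/// The EIP-712 domain separator also binds the digest to this chain and contract.
contract ReplaySafeDistributor is EIP712 {
    bytes32 private constant DISTRIBUTE_TYPEHASH = keccak256(
        "DeployAndDistribute(bytes32 contestId,address[] winners,uint256[] amounts,uint256 nonce,uint256 deadline)"
    );

    address public immutable organizer;
    // Each nonce may authorize exactly one execution.
    mapping(uint256 => bool) public usedNonces;

    event Distributed(bytes32 indexed contestId, uint256 nonce);

    error SignatureExpired();
    error NonceAlreadyUsed(uint256 nonce);
    error InvalidSigner(address recovered);

    constructor(address organizer_) EIP712("ReplaySafeDistributor", "1") {
        organizer = organizer_;
    }

    function deployProxyAndDistributeBySignature(
        bytes32 contestId,
        address[] calldata winners,
        uint256[] calldata amounts,
        uint256 nonce,
        uint256 deadline,
        bytes calldata signature
    ) external {
        if (block.timestamp > deadline) revert SignatureExpired();
        // Mark the nonce before any external effects so a replay, including
        // a reentrant one, is rejected.
        if (usedNonces[nonce]) revert NonceAlreadyUsed(nonce);
        usedNonces[nonce] = true;

        // Nonce and deadline are part of the signed struct, so a captured
        // signature cannot be reused with a different nonce or after expiry.
        bytes32 structHash = keccak256(abi.encode(
            DISTRIBUTE_TYPEHASH, contestId,
            keccak256(abi.encodePacked(winners)), keccak256(abi.encodePacked(amounts)),
            nonce, deadline
        ));
        address recovered = ECDSA.recover(_hashTypedDataV4(structHash), signature);
        if (recovered != organizer) revert InvalidSigner(recovered);

        emit Distributed(contestId, nonce);
        // Proxy deployment and prize payout would follow here (omitted).
    }
}
```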