EIP-4337 states that when signature validation is not successful, SIG_VALIDATION_FAILED should be returned, and the call should revert only for any other errors. The function MondrianWallet::_ValidateSignature doesn't return SIG_VALIDATION_FAILED, which may lead to unexpected reverts because the contract is not in compliance with EIP-4337.
The entryPoint contract will be designed in compliance with EIP-4337, and it expects the return value to be SIG_VALIDATION_FAILED, which is set to 1, when signature validation fails. Here the call will be reverted instead, leading to unexpected reverts.
The function below only returns SIG_VALIDATION_SUCCESS. The SIG_VALIDATION_FAILED variable is not used anywhere in MondrianWallet::_ValidateSignature, even though it is imported into the contract.
Please refer to [H-1] for a more detailed mitigation, as this issue expects the mitigation of [H-1] to have already been implemented. If signature validation fails, the contract should return SIG_VALIDATION_FAILED. Make the changes to MondrianWallet::_ValidateSignature as given below:
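
The behaviour this finding asks for, as an added stand-alone sketch that is not MondrianWallet's code or the report's own diff: every bad-signature case returns SIG_VALIDATION_FAILED and nothing reverts on signature content. The contract name SigCheckSketch, the single immutable owner, the EIP-191 digest and the use of raw ecrecover are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.24;

/// Added sketch, not MondrianWallet's code. Names here are hypothetical.
contract SigCheckSketch {
    // Values used by the ERC-4337 reference helpers; the finding states FAILED is 1.
    uint256 internal constant SIG_VALIDATION_SUCCESS = 0;
    uint256 internal constant SIG_VALIDATION_FAILED = 1;

    // Upper bound for a canonical (low-s) secp256k1 signature: n / 2.
    uint256 private constant HALF_N =
        0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0;

    address public immutable owner; // assumed: single-owner account

    constructor(address owner_) {
        owner = owner_;
    }

    /// Returns SIG_VALIDATION_FAILED for every bad-signature case and never
    /// reverts on signature content, so the EntryPoint sees a return value.
    function validateSignature(bytes32 userOpHash, bytes calldata signature)
        public
        view
        returns (uint256 validationData)
    {
        // Malformed length: a failure to report, not a reason to revert.
        if (signature.length != 65) return SIG_VALIDATION_FAILED;

        bytes32 r = bytes32(signature[0:32]);
        bytes32 s = bytes32(signature[32:64]);
        uint8 v = uint8(signature[64]);

        // Reject malleable or out-of-range components without reverting.
        if (uint256(s) > HALF_N || (v != 27 && v != 28)) return SIG_VALIDATION_FAILED;

        // EIP-191 personal-sign digest over the userOpHash (assumed signing scheme).
        bytes32 digest = keccak256(
            abi.encodePacked("\x19Ethereum Signed Message:\n32", userOpHash)
        );

        // ecrecover yields address(0) on failure instead of reverting.
        address signer = ecrecover(digest, v, r, s);
        if (signer == address(0) || signer != owner) return SIG_VALIDATION_FAILED;

        return SIG_VALIDATION_SUCCESS;
    }
}
```

A recovery helper that reverts on malformed input would reintroduce the revert path, which is why the length, s and v checks here return the failure code before ecrecover is called.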