Severity: high
Valid

Anyone Can Use the Contract Because `MondrianWallet::_validateSignature` Does Not Check The Signer Address

[H-1] Anyone Can Use the Contract Because MondrianWallet::_validateSignature Does Not Check The Signer Address

Description: The `_validateSignature` internal function is used to validate the signature of every UserOperation, but since it does not check the address recovered by `ECDSA.recover`, any UserOperation will pass this validation.

```solidity
function _validateSignature(
    PackedUserOperation calldata userOp,
    bytes32 userOpHash
) internal pure returns (uint256 validationData) {
    bytes32 hash = MessageHashUtils.toEthSignedMessageHash(userOpHash);
@>  ECDSA.recover(hash, userOp.signature);
    return SIG_VALIDATION_SUCCESS; // this always returns 0
}
```

Impact: There is no check whether the owner sent this operation or not, and every signature, if recoverable, will pass.
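
An added Foundry regression test for the behaviour described above; it is not part of the submission or of the MondrianWallet code base. `SigCheckHarness`, its `vulnerable` and `hardened` functions, and the test keys and hash are hypothetical constructs, and the code assumes forge-std and OpenZeppelin Contracts v5. `hardened` uses `ECDSA.tryRecover`, so a malformed signature yields the failure code instead of a revert.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.24;
import {Test} from "forge-std/Test.sol";
import {ECDSA} from "@openzeppelin/contracts/utils/cryptography/ECDSA.sol";
import {MessageHashUtils} from "@openzeppelin/contracts/utils/cryptography/MessageHashUtils.sol";

// Hypothetical harness: isolates the signature check from the wallet so the
// test needs no EntryPoint. Return codes follow the page: 0 success, 1 failed.
contract SigCheckHarness {
    address public immutable owner;
    constructor(address _owner) { owner = _owner; }

    // Behaviour reported in the finding: the recovered address is discarded.
    function vulnerable(bytes32 userOpHash, bytes calldata sig) external pure returns (uint256) {
        ECDSA.recover(MessageHashUtils.toEthSignedMessageHash(userOpHash), sig);
        return 0; // SIG_VALIDATION_SUCCESS
    }

    // Compares the signer to the owner and never reverts on a bad signature.
    function hardened(bytes32 userOpHash, bytes calldata sig) external view returns (uint256) {
        bytes32 hash = MessageHashUtils.toEthSignedMessageHash(userOpHash);
        (address signer, ECDSA.RecoverError err,) = ECDSA.tryRecover(hash, sig);
        if (err != ECDSA.RecoverError.NoError || signer != owner) return 1; // SIG_VALIDATION_FAILED
        return 0;
    }
}

contract SigCheckTest is Test {
    uint256 constant OWNER_KEY = 0xA11CE; // constructed test keys, not real accounts
    uint256 constant OTHER_KEY = 0xB0B;
    bytes32 constant OP_HASH = keccak256("constructed userOpHash");
    SigCheckHarness harness;
    function setUp() public { harness = new SigCheckHarness(vm.addr(OWNER_KEY)); }

    function sign(uint256 key) internal returns (bytes memory) {
        (uint8 v, bytes32 r, bytes32 s) = vm.sign(key, MessageHashUtils.toEthSignedMessageHash(OP_HASH));
        return abi.encodePacked(r, s, v);
    }

    function test_nonOwnerSignature() public {
        assertEq(harness.vulnerable(OP_HASH, sign(OTHER_KEY)), 0); // the bug: accepted
        assertEq(harness.hardened(OP_HASH, sign(OTHER_KEY)), 1);   // rejected after the check
        assertEq(harness.hardened(OP_HASH, sign(OWNER_KEY)), 0);   // owner still passes
    }

    function test_malformedSignatureDoesNotRevert() public {
        assertEq(harness.hardened(OP_HASH, hex"1234"), 1); // wrong length: code 1, no revert
    }
}
```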

Proof of Concept:

Recommended Mitigation: Here is an example implementation from the smartcontracts.tips guide to account abstraction; you can implement something similar to this:

function _validateSignature(
PackedUserOperation calldata userOp,
bytes32 userOpHash
) internal pure returns (uint256 validationData) {
bytes32 hash = MessageHashUtils.toEthSignedMessageHash(userOpHash);
- ECDSA.recover(hash, userOp.signature);
+ address signer = ECDSA.recover(hash, userOp.signature);
+ if (signer != owner){
+ return SIG_VALIDATION_FAILED; // returns 1
+ }
return SIG_VALIDATION_SUCCESS; // this always returns 0
}
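
Review bot: The unchanged signature line `) internal pure returns (uint256 validationData) {` keeps `pure`, but the added `if (signer != owner){` reads `owner`, which is neither a parameter nor a local in this function; if it is contract state the function has to become `view`, and if the wallet exposes its owner through an `owner()` getter the comparison should call it as `signer != owner()`. Separately, `ECDSA.recover` reverts on a malformed signature, so consider `ECDSA.tryRecover` and returning `SIG_VALIDATION_FAILED` when recovery reports an error, which is what the "SHOULD return SIG_VALIDATION_FAILED (and not revert)" tag on this finding asks for.
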
Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

ECDSA.recover should check against sender

`_validateSignature` SHOULD return SIG_VALIDATION_FAILED (and not revert) on signature mismatch.
