The internal _validateSignature function is used in the external validateUserOp function. The _validateSignature function is intended to check the validity of the signature of a UserOperation.
However, the function contains a bug: it does not verify the address returned by the ECDSA.recover function, which is the address that signed the hashed message. Instead, the _validateSignature function returns a SIG_VALIDATION_SUCCESS value for each signature verification action, regardless of whether the provided signature is valid or not.
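The pattern described above, next to a version that checks the recovered signer, as an added illustration that is not the audited project's code or its recommended patch. It assumes OpenZeppelin Contracts v5.x and an EIP-191 prefixed hash; the contract name, the function names and the `owner` variable are hypothetical, and the constant values follow the ERC-4337 convention.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Assumption: OpenZeppelin Contracts v5.x (tryRecover returns three values).
import {ECDSA} from "@openzeppelin/contracts/utils/cryptography/ECDSA.sol";
import {MessageHashUtils} from "@openzeppelin/contracts/utils/cryptography/MessageHashUtils.sol";

/// Illustrative contract, not the audited code. `owner` and both function
/// names are hypothetical; the constants follow the ERC-4337 convention.
contract SignatureCheckExample {
    uint256 internal constant SIG_VALIDATION_SUCCESS = 0;
    uint256 internal constant SIG_VALIDATION_FAILED = 1;

    address public immutable owner; // hypothetical authorized signer

    constructor(address owner_) {
        require(owner_ != address(0), "owner is zero");
        owner = owner_;
    }

    /// Flawed pattern from the finding: the recovered address is discarded,
    /// so any well-formed signature from any key is reported as valid.
    function validateFlawed(bytes32 userOpHash, bytes calldata signature)
        external pure returns (uint256)
    {
        bytes32 digest = MessageHashUtils.toEthSignedMessageHash(userOpHash);
        ECDSA.recover(digest, signature); // return value ignored
        return SIG_VALIDATION_SUCCESS;
    }

    /// Checked pattern: success only when recovery succeeds AND the signer
    /// is the authorized owner. tryRecover avoids reverting on malformed
    /// input, so the caller receives SIG_VALIDATION_FAILED instead.
    function validateChecked(bytes32 userOpHash, bytes calldata signature)
        external view returns (uint256)
    {
        bytes32 digest = MessageHashUtils.toEthSignedMessageHash(userOpHash);
        (address recovered, ECDSA.RecoverError err, ) =
            ECDSA.tryRecover(digest, signature);
        if (err != ECDSA.RecoverError.NoError || recovered != owner) {
            return SIG_VALIDATION_FAILED;
        }
        return SIG_VALIDATION_SUCCESS;
    }
}
```

A regression test for this class of bug signs the same hash with a key other than the owner's and asserts that validation returns SIG_VALIDATION_FAILED.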
A vulnerability in the signature verification process within the _validateSignature function results in every signed user transaction (UserOperation), regardless of the validity of the signature, being mistakenly recognized as valid by the EntryPoint contract. Without proper signature verification, attackers can create transactions with forged signatures and present them as valid, allowing them to execute transactions on behalf of the user without authorization. This lack of verification could lead to a direct loss of assets, as unauthorized transactions may be executed, resulting in the deduction of assets from the user's account.
Manual review, vscode
Consider making the following change to the _validateSignature function: