Submission Details
Severity:
A flaw in `MondrianWallet::_validateSignature` allows malicious users to bypass signature verification of transactions, potentially resulting in the loss of user funds.
Updates
Lead Judging Commences
inallhonesty about 1 year ago
Submission Judgement Published Assigned finding tags:
ECDSA.recover should check against sender
`_validateSignature` SHOULD return SIG_VALIDATION_FAILED (and not revert) on signature mismatch.
Rewards breakdown
nSLOC
89This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.