The _validateSignature function in the MondrianWallet contract is responsible for validating the signature of user operations. However, the function lacks a mechanism to handle cases where the signature validation fails. This oversight could lead to incorrect validation results, potentially allowing unauthorized operations.
The _validateSignature function does not account for the scenario where the signature recovery fails, which is indicated by a zero address being returned. Specifically, the function should check if the recovered address is the zero address and return SIG_VALIDATION_FAILED if it is.
The code above always returns SIG_VALIDATION_SUCCESS, regardless of whether the signature is valid or not. This can lead to unauthorized operations being incorrectly validated as legitimate.
The absence of a signature failure check can have significant security implications:
Unauthorized Transactions: Malicious actors could exploit this vulnerability to execute unauthorized transactions.
Security Breach: The integrity of the MondrianWallet contract can be compromised, leading to potential financial losses and a breach of trust.
Operational Risk: Failure to detect invalid signatures could lead to operational risks, including the execution of invalid user operations.
Manual review
Update the _validateSignature function to include a check for signature validation failure.