The _domainSeparatorV4() function in the LibTractor library uses an incorrect type hash which does not match the format of data it is supposed to represent. In EIP-712, the domain separator should match the format: EIP712Domain(string name, string version, uint256 chainId, address verifyingContract). However, the function is currently using BLUEPRINT_TYPE_HASH intended for a different data structure: Blueprint(address publisher, bytes data, bytes operatorData, uint256 maxNonce, uint256 startTime, uint256 endTime). This mismatch leads to incorrect domain separation, causing blueprint-based signature verification to fail.
The EIP-712 standard specifies a domain separator format using the type hash for the following data structure:
However, in the current implementation:
The function incorrectly uses BLUEPRINT_TYPE_HASH instead of EIP712_TYPE_HASH. BLUEPRINT_TYPE_HASH is meant for:
This mismatch results in an incorrect domain separator.
Signature Verification Failure: Because the type hash used in the domain separator does not match the required format, any off-chain signature generated against a domain compliant with EIP712Domain will not match the domain separator calculated on-chain. As a result, all such signature verifications will fail.
To demonstrate and prove the issue with the incorrect domain separator, we'll use Foundry for testing. The objective is to show that using the incorrect type hash results in domain separators that do not match the expected hash needed for EIP-712 compliant signature verification. We will compare the incorrect domain separator with the corrected one and validate the findings.
SetUp: We create a mock contract MockC to mimic getting the chain ID and set up the test environment by fetching the contract address.
Correct Domain Separator: A helper function correctDomainSeparator is defined to calculate the correct domain separator using EIP712_TYPE_HASH.
Test Function:
testIncorrectDomainSeparator calculates the supposed domain separator using the incorrect BLUEPRINT_TYPE_HASH and verifies that it does not match the correct domain separator.
The function then calculates the correct domain separator using EIP712_TYPE_HASH and verifies that it matches the expected correct separator.
This Foundry test clearly demonstrates the issue and the impact of using the incorrect type hash in _domainSeparatorV4(), validating the need for the recommended correction.
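A stand-alone Foundry test in the spirit of the one described above, added here as an example; it is not the finding's original proof of concept or LibTractor code. It goes one step further than comparing separators and shows a signature made against the EIP712Domain-based separator failing recovery against the Blueprint-based one. The contract name, helper names, the "ExampleDomain"/"1" name and version strings, and the struct hash are assumptions constructed for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {Test} from "forge-std/Test.sol";

// Added example: stand-alone reproduction, not the LibTractor source.
contract DomainSeparatorMismatchTest is Test {
    // Type strings from the finding, in canonical EIP-712 form (no spaces after commas).
    bytes32 constant EIP712_TYPE_HASH =
        keccak256("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)");
    bytes32 constant BLUEPRINT_TYPE_HASH = keccak256(
        "Blueprint(address publisher,bytes data,bytes operatorData,uint256 maxNonce,uint256 startTime,uint256 endTime)"
    );
    // Placeholders: the finding does not state the name/version strings.
    bytes32 constant NAME_HASH = keccak256("ExampleDomain");
    bytes32 constant VERSION_HASH = keccak256("1");

    // Domain separator built with whichever type hash is passed in.
    function separator(bytes32 typeHash) internal view returns (bytes32) {
        return keccak256(abi.encode(typeHash, NAME_HASH, VERSION_HASH, block.chainid, address(this)));
    }

    // EIP-712 signing digest: 0x19 0x01 || domainSeparator || structHash.
    function digest(bytes32 domainSep, bytes32 structHash) internal pure returns (bytes32) {
        return keccak256(abi.encodePacked("\x19\x01", domainSep, structHash));
    }

    function test_signatureOverCorrectDomainFailsAgainstBuggyDomain() public {
        bytes32 buggy = separator(BLUEPRINT_TYPE_HASH);
        bytes32 expected = separator(EIP712_TYPE_HASH);
        assertTrue(buggy != expected, "separators must differ");

        // Constructed signer and struct hash; a real test would hash an actual Blueprint.
        (address signer, uint256 pk) = makeAddrAndKey("publisher");
        bytes32 structHash = keccak256("constructed blueprint struct hash");

        // A compliant wallet signs against the EIP712Domain-based separator.
        (uint8 v, bytes32 r, bytes32 s) = vm.sign(pk, digest(expected, structHash));

        // Verifies against the compliant digest, not against the one built from the buggy separator.
        assertEq(ecrecover(digest(expected, structHash), v, r, s), signer);
        assertTrue(ecrecover(digest(buggy, structHash), v, r, s) != signer, "buggy domain rejects signature");
    }
}
```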
Manual Code Review
Foundry for testing and validation.
To resolve this issue, update the _domainSeparatorV4() function to use EIP712_TYPE_HASH when encoding the domain separator: