Biconomy: Nexus
Biconomy
HardhatFoundry
30,000 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

The return data of `validateUserOp` is not compliant with ERC-4337

zhuying

Summary

The return data of validateUserOp is not compliant with ERC-4337

Vulnerability Details

ERC-4337:

The return value MUST be packed of authorizer, validUntil and validAfter timestamps.
authorizer - 0 for valid signature, 1 to mark signature failure. Otherwise, an address of an authorizer contract. This ERC defines “signature aggregator” as authorizer.
validUntil is 6-byte timestamp value, or zero for “infinite”. The UserOp is valid only up to this time.
validAfter is 6-byte timestamp. The UserOp is valid only after this time.

From K1Validator.sol, we can see the return data of validateUserOp is VALIDATION_SUCCESS(0) or VALIDATION_FAILED(1). It misses validUntil and validAfter.

function validateUserOp(PackedUserOperation calldata userOp, bytes32 userOpHash) external view returns (uint256) {
address owner = smartAccountOwners[userOp.sender];
if (owner.isValidSignatureNow(ECDSA.toEthSignedMessageHash(userOpHash), userOp.signature) || owner.isValidSignatureNow(userOpHash, userOp.signature)) {
return VALIDATION_SUCCESS; // @audit-info VALIDATION_SUCCESS = 0
}
return VALIDATION_FAILED;
}

Impact

not compliant with ERC-4337

Tools Used

manual

Recommendations

Implement as ERC-4337 requires.

Updates

Lead Judging Commences

0xnevi Lead Judge 11 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
Assigned finding tags:

finding-validateUserOp-validUntil-validAfter-ERC4337

Invalid, this check is performed in the entry point contract as seen in this instances [here](https://github.com/eth-infinitism/account-abstraction/blob/develop/contracts/core/EntryPoint.sol#L605) --> [here](https://github.com/eth-infinitism/account-abstraction/blob/develop/contracts/core/EntryPoint.sol#L574-L576)

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.