K1Validator.sol - Using Solady's SignatureCheckerLib doesn't check for signature malleability
Summary
K1Validator implements vaidateUserOp and inside it uses SignatureCheckerLib.isValidSignatureNow.
Vulnerability Details
The problem is that SignatureCheckerLib [doesn't check for signature malleability](https://github.com/Vectorized/solady/blob/d5f72a9aa54bc6b2e0b700d6bf3eab29973de0e9/src/utils/SignatureCheckerLib.sol#L23 "doesn't check for signature malleability
(https://github.com/Vectorized/solady/blob/d5f72a9aa54bc6b2e0b700d6bf3eab29973de0e9/src/utils/SignatureCheckerLib.sol#L23)") This means that for the same digest, 2 different valid signatures can be used.
Impact
Signature malleability
Tools Used
Manual Review
Recommendations
Consider verifying the s of the userOp.signature is within valid bounds to avoid signature malleability.
Lead Judging Commences
finding-replay-attack-malleable
Valid medium, although all issues lack a little detail on some form of protocol specific impact here. See similar reference finding [here](https://github.com/sherlock-audit/2024-04-titles-judging/issues/279)
Appeal created
finding-replay-attack-malleable
Valid medium, although all issues lack a little detail on some form of protocol specific impact here. See similar reference finding [here](https://github.com/sherlock-audit/2024-04-titles-judging/issues/279)
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.