HardhatFoundry
30,000 USDC
Submission Details
Severity: high
Valid

Missing nonce in `_getEnableModeDataHash()` allows signature replay

Summary

_getEnableModeDataHash() doesn't include a nonce, thereby allowing enable mode signatures to be replayed.

Vulnerability Details

When Nexus account owners send a transaction with enable mode in PackedUserOperation.nonce, validateUserOp() calls _enableMode() to install the validator as a new module.

Nexus.sol#L108-L109

    PackedUserOperation memory userOp = op;
    userOp.signature = _enableMode(validator, op.signature);

To ensure that the account owner has allowed the validator to be installed, the validator (i.e. module shown below) is hashed alongside its data (i.e. moduleInitData) in _getEnableModeDataHash(), and the resulting hash is then checked in _checkEnableModeSignature() to have been signed by the owner in enableModeSignature:

ModuleManager.sol#L166-L171

    (moduleType, moduleInitData, enableModeSignature, userOpSignature) = packedData.parseEnableModeData();
    _checkEnableModeSignature(
        _getEnableModeDataHash(module, moduleInitData),
        enableModeSignature
    );
    _installModule(moduleType, module, moduleInitData);

However, the hash returned by _getEnableModeDataHash() does not include a nonce:

ModuleManager.sol#L388-L398

    function _getEnableModeDataHash(address module, bytes calldata initData) internal view returns (bytes32 digest) {
        digest = _hashTypedData(
            keccak256(
                abi.encode(
                    MODULE_ENABLE_MODE_TYPE_HASH,
                    module,
                    keccak256(initData)
                )
            )
        );
    }

This allows the owner's signature to be used repeatedly.

As a result, if a validator that was previously installed through _enableMode() is uninstalled by the owner, a malicious relayer/bundler can re-use the previous signature to re-install it through validateUserOp() again, despite not having the owner's permission.

Impact

Due to signature replay, validators that have been uninstalled by Nexus account owners can be re-installed without their permission.

This is especially problematic as validators are used by Nexus accounts for access control - being able to re-install a validator without the owner's permission might affect the Nexus account's permissions and allow attackers to execute transactions on behalf of the account.

Recommendations

Include a nonce in _getEnableModeDataHash() to ensure that enable mode signatures cannot be replayed.
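
One way to apply this recommendation, as an added example that is not part of the original submission or the Nexus code base: the enable-mode digest is bound to a per-account counter that is consumed on every install. The nonce field in the type string, _enableModeNonce and _enableModule are assumptions made for illustration, and the three virtual functions stand in for the account's own implementations.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration, not Nexus code. Names marked "hypothetical" are assumptions.
abstract contract EnableModeNonceExample {
    // Hypothetical type string: module and init data hash, extended with a nonce field.
    bytes32 internal constant MODULE_ENABLE_MODE_TYPE_HASH =
        keccak256("ModuleEnableMode(address module,bytes32 initDataHash,uint256 nonce)");

    // Hypothetical storage: the next enable-mode nonce this account will accept.
    uint256 internal _enableModeNonce;

    // Assumed to be provided by the account (signatures here are assumptions).
    function _hashTypedData(bytes32 structHash) internal view virtual returns (bytes32);
    function _checkEnableModeSignature(bytes32 digest, bytes calldata sig) internal view virtual;
    function _installModule(uint256 moduleType, address module, bytes calldata initData) internal virtual;

    // Same shape as the function quoted in the finding, with the nonce added to the struct hash.
    function _getEnableModeDataHash(address module, bytes calldata initData, uint256 nonce)
        internal view returns (bytes32 digest)
    {
        digest = _hashTypedData(
            keccak256(abi.encode(MODULE_ENABLE_MODE_TYPE_HASH, module, keccak256(initData), nonce))
        );
    }

    // Hypothetical install path: verify against the current nonce, then install.
    function _enableModule(
        uint256 moduleType,
        address module,
        bytes calldata moduleInitData,
        bytes calldata enableModeSignature
    ) internal {
        // Read and increment in one step. A signature captured from an earlier
        // install was made over the old nonce, so its digest no longer matches.
        uint256 nonce = _enableModeNonce++;
        _checkEnableModeSignature(
            _getEnableModeDataHash(module, moduleInitData, nonce),
            enableModeSignature
        );
        _installModule(moduleType, module, moduleInitData);
    }
}
```

If the signature check reverts, the increment reverts with it, so a failed attempt does not burn the owner's next nonce.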

Updates

Lead Judging Commences

0xnevi Lead Judge 12 months ago
0xnevi Lead Judge 11 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement

Appeal created

0xnevi Lead Judge 11 months ago
0xnevi Lead Judge 11 months ago
Submission Judgement Published
Validated
Assigned finding tags:

finding-_getEnableModeDataHash-lack-nonce
