_getEnableModeDataHash()
doesn't include a nonce, thereby allowing enable mode signatures to be replayed.
When Nexus account owners send a transaction with enable mode in PackedUserOperation.nonce
, validateUserOp()
calls _enableMode()
to install the validator as a new module.
To ensure that the account owner has allowed the validator to be installed, the validator (ie. module
shown below) is hashed alongside its data (ie. moduleInitData
) in _getEnableModeDataHash()
, and subsequently checked to be signed by the owner in enableModeSignature
in _checkEnableModeSignature()
:
However, the hash returned by _getEnableModeDataHash()
does not include a nonce:
This allows the owner's signature to be used repeatedly.
As a result, if a validator that was previously installed through _enableMode()
is uninstalled by the owner, a malicious relayer/bundler can re-use the previous signature to re-install it through validatorUserOp()
again, despite not having the owner's permission.
Due to signature replay, validators that have been uninstalled by Nexus account owners can be re-installed without their permission.
This is especially problematic as validators are used by Nexus accounts for access control - being able to re-install a validator without the owner's permission might affect the Nexus account's permissions and allow attackers to execute transactions on behalf of the account.
Include a nonce in _getEnableModeDataHash()
to ensure that enable mode signatures cannot be replayed.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.