Project
One World
NFTDeFi
15,000 USDC
View results
Previous Next
Submission Details
Severity: low
Invalid

Incorrect Encoding of `functionSignature` in `executeMetaTransaction` Function

brene

Summary

The executeMetaTransaction function does not hash the functionSignature before encoding, which is a deviation from EIP-712 standards. EIP-712 specifies that dynamic values, such as bytes and strings, are encoded as a kecca256 hash of their contents, ensuring a consistent, fixed-size input for cryptographic functions. This oversight may lead to issues with signature validation and non-standard behavior.

Vulnerability Details

The code in question is;

// Append userAddress and relayer address at the end to extract it from calling context
(bool success, bytes memory returnData) = address(this).call{value: msg.value}(
abi.encodePacked(functionSignature, userAddress)
);

Here, functionSignature is directly encoded without hashing, even though it is a bytes type—a dynamic value. EIP-712 guidelines require that dynamic values like bytes be hashed first to produce a fixed-size, bytes32 value before encoding.

Impact

Non-compliance with EIP712 can cause problems with integrators and potentially lead to denial of service.

Tools Used

Manual Review

Recommendations

To ensure compliance with EIP-712, the revised standard should be;

// Append userAddress and relayer address at the end to extract it from calling context
(bool success, bytes memory returnData) = address(this).call{value: msg.value}(
- abi.encodePacked(functionSignature, userAddress)
+ abi.encodePacked(keccak256(functionSignature), userAddress)
);
Updates

Lead Judging Commences

0xbrivan2 Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!