`MESSAGE_TYPEHASH` Prevents Valid Signature Verification
Normal Protocol Behavior: The `SnowmanAirdrop.sol` contract uses EIP-712 signatures to authorize claims, allowing a third party (like "satoshi" in the tests) to submit a claim on behalf of a `receiver` if they provide a valid signature from the `receiver`. The signature is generated over a hash of a `SnowmanClaim` struct, which includes the `receiver`'s address and their `amount` of `Snow` tokens.
Specific Issue: The `MESSAGE_TYPEHASH` constant, used to construct the EIP-712 typed data hash, contains a typographical error. The type of the `receiver` field is misspelled as "addres" instead of "address".
This means that the hash computed by the contract for signature verification will be different from the hash computed by any standard EIP-712 compliant client or library that uses the correct struct definition: `SnowmanClaim(address receiver, uint256 amount)`. As a result, valid signatures generated by users/clients will not match the contract's expectation, causing all such `claimSnowman` calls to fail with `SA__InvalidSignature`.
Likelihood: High
Any attempt to use the `claimSnowman` function with a signature generated by a standard EIP-712 compliant method (which would use the correct spelling) will fail.
Impact: Medium
Functionality Breakdown: The primary mechanism for delegated claims (`claimSnowman` when `msg.sender != receiver`) is broken. Users who intend to have a third party submit their claim transaction will be unable to do so.
User Frustration: Users attempting to use this feature will encounter unexpected failures.
Deviation from Standard: The contract does not correctly implement the EIP-712 standard for the specified struct due to the typo, undermining interoperability and trust in the signature scheme.
(Note: If `claimSnowman` is also intended to be called directly by the `receiver` themselves providing their own signature, that path would also be broken for the same reason.)
Add `testTypoInMessageTypehash_PreventsCorrectClientSignatureValidation` function in `test/SnowmanAirdrop.t.sol`:
Mints 1 `Snow` token to "alice".
Alice approves the `SnowmanAirdrop` contract.
It then manually constructs an EIP-712 digest (`correctDigestToSign`) using the correct type string: `"SnowmanClaim(address receiver,uint256 amount)"`.
Alice signs this `correctDigestToSign`.
"satoshi" attempts to call `claimSnowman` on behalf of Alice using this signature and Alice's valid Merkle proof.
The call is expected to, and does, revert with `SA__InvalidSignature`. This is because the `SnowmanAirdrop` contract, due to the typo in its internal `MESSAGE_TYPEHASH`, calculates a different expected digest.
The test confirms that a signature generated based on the correct EIP-712 struct definition fails verification due to the contract's internal typo.
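
The digest mismatch behind that revert can be reproduced in isolation. The Foundry test below is an added example, not the submission's PoC or the project's code; it does not import `SnowmanAirdrop`, and it assumes a constructed domain separator (name "Example", version "1") and a typo'd type string built from the misspelling described above.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.24;

import {Test} from "forge-std/Test.sol";

// Added illustration: stand-alone, does not use the project's contracts.
contract TypehashTypoTest is Test {
    // Correct type string, as quoted in the finding.
    bytes32 constant CORRECT_TYPEHASH = keccak256("SnowmanClaim(address receiver,uint256 amount)");
    // Constructed: same string with the "addres" misspelling the finding describes.
    bytes32 constant TYPO_TYPEHASH = keccak256("SnowmanClaim(addres receiver,uint256 amount)");

    // Constructed domain: name, version and verifying contract are placeholders.
    function _domainSeparator() internal view returns (bytes32) {
        return keccak256(
            abi.encode(
                keccak256("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)"),
                keccak256("Example"),
                keccak256("1"),
                block.chainid,
                address(this)
            )
        );
    }

    // EIP-712 digest: keccak256(0x19 0x01 || domainSeparator || hashStruct(message)).
    function _digest(bytes32 typehash, address receiver, uint256 amount) internal view returns (bytes32) {
        bytes32 structHash = keccak256(abi.encode(typehash, receiver, amount));
        return keccak256(abi.encodePacked("\x19\x01", _domainSeparator(), structHash));
    }

    function test_signatureOverCorrectDigestFailsAgainstTypoDigest() public {
        (address alice, uint256 aliceKey) = makeAddrAndKey("alice");

        bytes32 clientDigest = _digest(CORRECT_TYPEHASH, alice, 1); // what a compliant client signs
        bytes32 contractDigest = _digest(TYPO_TYPEHASH, alice, 1);  // what the typo'd contract rebuilds
        assertTrue(clientDigest != contractDigest);

        (uint8 v, bytes32 r, bytes32 s) = vm.sign(aliceKey, clientDigest);

        // Recovery over the digest that was actually signed yields Alice.
        assertEq(ecrecover(clientDigest, v, r, s), alice);
        // Recovery over the typo'd digest yields a different address (or zero),
        // so a "recovered signer == receiver" check rejects the claim.
        assertTrue(ecrecover(contractDigest, v, r, s) != alice);
    }
}
```
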
Correct the typographical error in the `MESSAGE_TYPEHASH` constant within the `SnowmanAirdrop.sol` contract.
Change:
This will ensure that the contract computes the EIP-712 hash consistent with standard client implementations, allowing valid signatures to be correctly verified.
A typo in the `MESSAGE_TYPEHASH` variable of the `SnowmanAirdrop` contract will prevent signature verification claims. Used `addres` instead of `address`