Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Replay attack possibility #16

Open
gundas opened this issue Jun 19, 2019 · 2 comments
Open

Replay attack possibility #16

gundas opened this issue Jun 19, 2019 · 2 comments

Comments

@gundas
Copy link

gundas commented Jun 19, 2019

Problem description
If the same address is a signer in multiple WalletSimple contract instances, an operation approval signature intended for one contract can be replayed on another WalletSimple contracts.

Cause
The WalletSimple contract address is not included in the operationHash calculation.

Sugested fix
Add address(this) to the operationHash calculation, e.g.:

var operationHash = sha3("ETHER", address(this), toAddress, value, data, expireTime, sequenceId);
@meisser
Copy link

meisser commented Jun 18, 2020

Came here to report the same. :)

Btw: do you have an idea about the purpose of the "ETHER" string?

@gundas
Copy link
Author

gundas commented Jun 18, 2020

I copied it from the contract code without much thinking:) :
https://github.com/BitGo/eth-multisig-v2/blob/master/contracts/WalletSimple.sol#L130

I think the "ETHER" and "ERC20" strings are added to differentiate between Ether and token signatures. So that Ether transfer signature would not be used for ERC-20 transfer function and vice versa.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@gundas @meisser