Possible cross chain replay attacks when attempting to validate signer

Summary

The _validateSigner() function is used when calling resolveQueuedTrades() and unlockOptions() however, the chain id is not specified when attempting to validate the signature.

Vulnerability Detail

There is no chain id in the signed data.

Impact

If a user calls a function which uses the _validateSigner() function while using the incorrect network, the attacker can replay the act on the correct chain to cause unexpected results.

Code Snippet

https://github.com/sherlock-audit/2022-11-buffer/blob/main/contracts/contracts/core/BufferRouter.sol#L267

Tool used

Manual Review

Recommendation

Consider including block.chainId in the hashed content.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

140.md

140.md

Possible cross chain replay attacks when attempting to validate signer

Summary

Vulnerability Detail

Impact

Code Snippet

Tool used

Recommendation

Files

140.md

Latest commit

History

140.md

File metadata and controls

Possible cross chain replay attacks when attempting to validate signer

Summary

Vulnerability Detail

Impact

Code Snippet

Tool used

Recommendation