SWC-registry Please add ꜱᴡᴄ for case where attacker is a able to pass hash directly to ecrecover !

Please add ꜱᴡᴄ for case where attacker is a able to pass hash directly to ecrecover !

Open ytrezq opened this issue 5 years ago • 1 comments

If verifier contract doesn’t hash a message itself and the hash doesn’t require a pre‑image, then there’s a problem similar but different from signature malleability described here.

Nov 10 '19 23:11 ytrezq

LGTM. It's Pitfall #2 at that URL.

Dec 05 '19 19:12 maurelian

This repo is no longer maintained, and we are not adding new SWCs (has probably become obvious since this was filed).

So closing this as "won't get fixed"

Jul 24 '23 13:07 chaals

SWC-registry SWC-registry copied to clipboard

Please add ꜱᴡᴄ for case where attacker is a able to pass hash directly to ecrecover !

SWC-registry
SWC-registry copied to clipboard

Please add ꜱᴡᴄ for case where attacker is a able to pass hash directly to ecrecover !