safe-wallet-web
Validate safeTxHash against tx data
@Uxio0 suggested a security enhancement:
- When displaying a transaction's details from the backend, compare a generated safe tx hash from the transaction data with the safeTxHash returned from the backend.
- If the hashes don't match, show a warning to the user and don't allow signing this transaction.
- Track these cases to Sentry as critical (if they ever happen).
This would detect hacking attempts on the backend.
N.B. we currently never sign a raw safe tx hash from the backend and instead always generate a new hash from transaction data, so the user always signs what they actually see. However, this enhancement would still be useful to detect txs that could have been messed with.
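
The comparison proposed in this issue, as an added example that is not safe-wallet-web code: it recomputes the EIP-712 Safe transaction hash from the displayed fields and compares it with the backend's `safeTxHash`. It assumes the Safe contracts v1.3.0+ hash layout (chain ID in the domain separator); `computeSafeTxHash` and `checkBackendTx` are hypothetical names, and Keccak-256 is written out only so the block runs without dependencies.

```javascript
// Added example, not safe-wallet-web code; assumes the Safe >= 1.3.0 EIP-712 layout.
const M = (1n << 64n) - 1n;
const rol = (a, n) => ((a << n) | (a >> (64n - n))) & M;
function keccakF(s) { // Keccak-f[1600] over 25 BigInt lanes, index x + 5y
  for (let round = 0, R = 1; round < 24; round++) {
    const C = [0, 1, 2, 3, 4].map(x => s[x] ^ s[x + 5] ^ s[x + 10] ^ s[x + 15] ^ s[x + 20]);
    for (let i = 0; i < 25; i++) s[i] ^= C[(i + 4) % 5] ^ rol(C[(i + 1) % 5], 1n);
    for (let t = 0, x = 1, y = 0, cur = s[1]; t < 24; t++) {
      [x, y] = [y, (2 * x + 3 * y) % 5];
      [cur, s[x + 5 * y]] = [s[x + 5 * y], rol(cur, BigInt(((t + 1) * (t + 2) / 2) % 64))];
    }
    for (let y = 0; y < 25; y += 5) {
      const T = s.slice(y, y + 5);
      for (let x = 0; x < 5; x++) s[y + x] = T[x] ^ (~T[(x + 1) % 5] & M & T[(x + 2) % 5]);
    }
    for (let j = 0; j < 7; j++) {
      R = ((R << 1) ^ ((R >> 7) * 0x71)) % 256;
      if (R & 2) s[0] ^= 1n << ((1n << BigInt(j)) - 1n);
    }
  }
}
function keccak256(bytes) { // Ethereum Keccak-256: rate 136 bytes, pad 0x01 .. 0x80
  const st = new Uint8Array(200), v = new DataView(st.buffer);
  const permute = () => {
    const lanes = Array.from({ length: 25 }, (_, i) => v.getBigUint64(8 * i, true));
    keccakF(lanes);
    lanes.forEach((l, i) => v.setBigUint64(8 * i, l, true));
  };
  let n = 0;
  for (const b of bytes) { st[n++] ^= b; if (n === 136) { permute(); n = 0; } }
  st[n] ^= 0x01; st[135] ^= 0x80; permute();
  return [...st.slice(0, 32)];
}
const hex = b => "0x" + b.map(x => x.toString(16).padStart(2, "0")).join("");
const unhex = h => (h.slice(2).match(/../g) || []).map(p => parseInt(p, 16));
const word = v => unhex("0x" + BigInt(v).toString(16).padStart(64, "0")); // ABI 32-byte word
const typeHash = s => keccak256(new TextEncoder().encode(s));
const DOMAIN = typeHash("EIP712Domain(uint256 chainId,address verifyingContract)");
const SAFE_TX = typeHash("SafeTx(address to,uint256 value,bytes data,uint8 operation,uint256 safeTxGas,uint256 baseGas,uint256 gasPrice,address gasToken,address refundReceiver,uint256 nonce)");
function computeSafeTxHash(chainId, safe, tx) { // rebuilt from the fields the UI displays
  const domain = keccak256([DOMAIN, word(chainId), word(safe)].flat());
  const f = [tx.to, tx.value, 0, tx.operation, tx.safeTxGas, tx.baseGas, tx.gasPrice, tx.gasToken, tx.refundReceiver, tx.nonce].map(word);
  f[2] = keccak256(unhex(tx.data)); // dynamic `bytes` is hashed, not padded
  const struct = keccak256([SAFE_TX, ...f].flat());
  return hex(keccak256([0x19, 0x01, ...domain, ...struct]));
}
function checkBackendTx(chainId, safe, tx, backendHash) { // ok === false: warn, block signing, report
  const expected = computeSafeTxHash(chainId, safe, tx);
  return { ok: expected === String(backendHash).toLowerCase(), expected };
}
```

An `ok: false` result is the point where the warning, the blocked signing and the critical Sentry event from the list above would be triggered.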