Skip to content

Latest commit

 

History

History
10 lines (7 loc) · 1.23 KB

39.md

File metadata and controls

10 lines (7 loc) · 1.23 KB

Signature Malleability

Description:

The implementation of a cryptographic signature system in Ethereum contracts often assume that the signature is unique, but signatures can be altered without the possession of the private key and still be valid. The EVM specification defines several so-called ‘precompiled’ contracts one of them being ecrecover which executes the elliptic curve public key recovery. A malicious user can slightly modify the three values v, r, and s to create other valid signatures. A system that performs signature verification on the contract level might be susceptible to attacks if the signature is part of the signed message hash. Valid signatures could be created by a malicious user to replay previously signed messages.

Remediation:

A signature should never be included in a signed message hash to check if previous messages have been processed by the contract. Consider using OpenZeppelin’s ECDSA.sol library to help prevent signature malleability attacks, rather than calling ecrecover() directly.

References:

https://swcregistry.io/docs/SWC-117