Back to zaevlad's contests

reNFT - zaevlad's results

Collateral-free, permissionless, and highly customizable EVM NFT rentals.

General Information

Platform: Code4rena

Start Date: 08/01/2024

Pot Size: $83,600 USDC

Total HM: 23

Participants: 116

Period: 10 days

Judge: 0xean

Total Solo HM: 1

Id: 317

League: ETH

reNFT

Findings Distribution

Researcher Performance

Rank: 110/116

Findings: 1

Award: $1.80

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest PageGithub Contest RepositoryGithub Findings RepositoryreNFT

Findings Information

🌟 Selected for report: BI_security

Also found by: 0xPsuedoPandit, 0xpiken, ABAIKUNANBAEV, Beepidibop, CipherSleuths, EV_om, Giorgio, Hajime, J4X, KingNFT, KupiaSec, NentoR, SBSecurity, SpicyMeatball, Tendency, Ward, ZdravkoHr, boringslav, deepplus, hals, hash, haxatron, jasonxiale, juancito, pkqs90, plasmablocks, ravikiranweb3, rokinot, rvierdiiev, trachev, zaevlad, zzebra83

Awards

1.8029 USDC - $1.80

Labels

bug
2 (Med Risk)
satisfactory
duplicate-239

External Links

Link to GitHub issue

Lines of code

https://github.com/re-nft/smart-contracts/blob/3ddd32455a849c3c6dc3c3aad7a33a6c9b44c291/src/packages/Signer.sol#L315 https://github.com/re-nft/smart-contracts/blob/3ddd32455a849c3c6dc3c3aad7a33a6c9b44c291/src/packages/Signer.sol#L322

Vulnerability details

Impact

The code has broken EIP-712.

Proof of Concept

Let's take a look at the _deriveTypehashes():

    function _deriveTypehashes()
        internal
        view
        returns (
            bytes32 nameHash,
            bytes32 versionHash,
            bytes32 eip712DomainTypehash,
            bytes32 domainSeparator
        )
    {
        nameHash = keccak256(bytes(_NAME));

        versionHash = keccak256(bytes(_VERSION));

        eip712DomainTypehash = keccak256(
            abi.encodePacked(
                "EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)"
            )
        );

        domainSeparator = _deriveDomainSeparator(
            eip712DomainTypehash,
            nameHash,
            versionHash
        );
    }

There are some problems that violate the EIP-712:

  1. EIP712Domain should contian bytes32 salt as a final argument. bytes32 salt an disambiguating salt for the protocol. This can be used as a domain separator of last resort.

  2. domainSeparator miss some params and should be cashed in a way:

        domainSeparator = _deriveDomainSeparator(
            eip712DomainTypehash,
            nameHash,
            versionHash,
            block.chainid,
            address(verifyingContract),
            salt
        );

This hashing method is described in https://eips.ethereum.org/EIPS/eip-712#rationale-for-domainseparator

Tools Used

Manual review

Consider rebuilding the domanSeparator according to the EIP-712 standard

Assessed type

Other

#0 - c4-pre-sort

2024-01-21T17:50:59Z

141345 marked the issue as duplicate of #239

#1 - c4-judge

2024-01-28T21:05:44Z

0xean marked the issue as satisfactory

AuditHub

A portfolio for auditors, a security profile for protocols, a hub for web3 security.

Built bymalatrax © 2024

Auditors

Browse

Contests

Browse

Get in touch

ContactTwitter