Potential signature malleability in ECDSA recovery
Description
The use of ECDSA.recover with user-provided input may be vulnerable to signature malleability attacks, potentially allowing an attacker to manipulate the recovered signature.
Examples
Insecure Code
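```solidity
function recoverSignature(bytes32 hash, bytes memory signature) internal {
    // The caller-supplied signature bytes go to ECDSA.recover with no prior validation
    address recoveredAddress = ECDSA.recover(hash, signature);
    // ...
}
```

Secure Code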
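```solidity
function recoverSignature(bytes32 messageHash, uint8 v, bytes32 r, bytes32 s) internal {
    // EIP-191 prefix; "32" is the byte length of messageHash
    bytes32 digest = keccak256(abi.encodePacked("\x19Ethereum Signed Message:\n32", messageHash));
    // ecrecover takes the signature as separate v, r, s components
    address recoveredAddress = ecrecover(digest, v, r, s);
    // ...
}
```

Remediation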
Use a secure method to verify the signature, such as ecrecover, and ensure that the input is properly validated and sanitized.
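
The input validation that the remediation calls for, as an added example that is not part of the rule's own code: a recovery helper around `ecrecover` that accepts exactly one encoding per signature. The library name `StrictRecover`, its error names, the `messageHash` parameter and the `^0.8.20` pragma are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example; library, function and error names are hypothetical.
library StrictRecover {
    // Half of the secp256k1 group order n. A canonical signature has s <= n/2.
    uint256 private constant HALF_N =
        0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0;

    error BadSignatureLength(uint256 length);
    error NonCanonicalS();
    error BadV(uint8 v);
    error InvalidSignature();

    function recover(bytes32 messageHash, bytes calldata signature)
        internal
        pure
        returns (address signer)
    {
        // Accept only the 65-byte r || s || v encoding, so one signature
        // has exactly one byte representation.
        if (signature.length != 65) revert BadSignatureLength(signature.length);

        bytes32 r = bytes32(signature[0:32]);
        bytes32 s = bytes32(signature[32:64]);
        uint8 v = uint8(signature[64]);

        // (r, n - s) verifies for the same message and key as (r, s).
        // Rejecting the upper half of the range leaves a single valid form.
        if (uint256(s) > HALF_N) revert NonCanonicalS();
        if (v != 27 && v != 28) revert BadV(v);

        // EIP-191 digest over a 32-byte hash, as in the secure example.
        bytes32 digest = keccak256(
            abi.encodePacked("\x19Ethereum Signed Message:\n32", messageHash)
        );

        // ecrecover returns address(0) on failure instead of reverting.
        signer = ecrecover(digest, v, r, s);
        if (signer == address(0)) revert InvalidSignature();
    }
}
```

A contract that uses the raw signature bytes as a uniqueness key, for example to mark a signature as already used, depends on these checks, because without them two different byte strings can pass verification for the same message and signer.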
Rule Details
| Field | Value |
|---|---|
| ID | CODE-0208 |
| Category | Crypto |
| Severity | MEDIUM |
| CWE | CWE-347 |
| Confidence | LOW |
| Impact | MEDIUM |
| Likelihood | MEDIUM |
| Exploitability | MODERATE |
| Tags | ecdsa, signature malleability |
| OWASP | N/A |