onlyOwner spoofing #1
Comments
|
I fixed the onlyOwner spoofing by including a signed hash to verify the owner signature. I discovered from a DAPP, you can spoof the msg.sender by setting the from: attribute in the web3 call. A more secure method, is the owner creates a signed hash with a signature and passes both the onlyOwner method which will verify the contract owner and hash owner are the same. |
|
According to SWC-121,122, and 123 ecrecover is NOT recommended to obtain the signer from the signature/hash. EIP-712 implementation is the preferred method for recovering the signer of a signature/hash as defined at https://soliditydeveloper.com/ecrecover. The new Owner.sol contract uses a custom safer ecrecover method. https://swcregistry.io/docs/SWC-121 |
|
Fixed by including a signed message for onlyOwner. An okOwner function is provided which only checks the msg.sender against the contract owner. |
This is a serious flaw with smart contracts that use onlyOwner permissions, because a person can just needs to know the public owner address and then can invoke the RPC eth_call passing setting the sender with the owner address and now can hijack the smart contract?
Research is needed for best practices to prevent onlyOwner spoofing.
The text was updated successfully, but these errors were encountered: