-
Notifications
You must be signed in to change notification settings - Fork 0
/
SignatureReplay.sol
61 lines (48 loc) · 1.63 KB
/
SignatureReplay.sol
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.26;
import "@openzeppelin/contracts/utils/cryptography/MessageHashUtils.sol";
import "@openzeppelin/contracts/utils/cryptography/ECDSA.sol";
contract MultiSigWallet {
using ECDSA for bytes32;
error SignatureReplay__InvalidSignature();
error SignatureReplay__TransferFailed();
address[2] public owners;
constructor(address[2] memory _owners) payable {
owners = _owners;
}
function deposit() external payable {}
function transfer(
address _to,
uint256 _amount,
bytes[2] memory _sigs
) external {
bytes32 txHash = getTxHash(_to, _amount);
require(_checkSigs(_sigs, txHash), SignatureReplay__InvalidSignature());
(bool sent, ) = _to.call{ value: _amount }("");
require(sent, SignatureReplay__TransferFailed());
}
function getTxHash(
address _to,
uint256 _amount
) public pure returns (bytes32) {
return keccak256(abi.encodePacked(_to, _amount));
}
// this function does not check if the signature has already been used
// hence the vulnerability to sig replay attacks
function _checkSigs(
bytes[2] memory _sigs,
bytes32 _txHash
) private view returns (bool) {
bytes32 ethSignedHash = MessageHashUtils.toEthSignedMessageHash(
_txHash
);
for (uint256 i = 0; i < _sigs.length; i++) {
address signer = ethSignedHash.recover(_sigs[i]);
bool valid = signer == owners[i];
if (!valid) {
return false;
}
}
return true;
}
}