Disable Pre-approved IsValidSignature

This commit disabes support for pre-approved signatures from `msg.sender` for `isValidSignature` calls. Note that we remove the new 1.5.0-only `checkSignatures` interface in favour of one with `msg.sender` explicitely provided to avoid issues for contracts that make use of this function.
safe-global · Dec 11, 2024 · 9f29682 · 9f29682
1 parent febab5e
commit 9f29682
Show file tree

Hide file tree

Showing 7 changed files with 101 additions and 41 deletions.
diff --git a/contracts/Safe.sol b/contracts/Safe.sol
@@ -139,7 +139,7 @@ contract Safe is
                 // We use the post-increment here, so the current nonce value is used and incremented afterwards.
                 nonce++
             );
-            checkSignatures(txHash, signatures);
+            checkSignatures(msg.sender, txHash, signatures);
         }
         address guard = getGuard();
         {
@@ -267,12 +267,12 @@ contract Safe is
     /**
      * @inheritdoc ISafe
      */
-    function checkSignatures(bytes32 dataHash, bytes memory signatures) public view override {
+    function checkSignatures(address executor, bytes32 dataHash, bytes memory signatures) public view override {
         // Load threshold to avoid multiple storage loads
         uint256 _threshold = threshold;
         // Check that a threshold is set
         if (_threshold == 0) revertWithError("GS001");
-        checkNSignatures(msg.sender, dataHash, signatures, _threshold);
+        checkNSignatures(executor, dataHash, signatures, _threshold);
     }
 
     /**
@@ -343,7 +343,7 @@ contract Safe is
      */
     function checkSignatures(bytes32 dataHash, bytes calldata data, bytes memory signatures) external view {
         data;
-        checkSignatures(dataHash, signatures);
+        checkSignatures(msg.sender, dataHash, signatures);
     }
 
     /**

diff --git a/contracts/handler/CompatibilityFallbackHandler.sol b/contracts/handler/CompatibilityFallbackHandler.sol
@@ -62,7 +62,9 @@ contract CompatibilityFallbackHandler is TokenCallbackHandler, ISignatureValidat
         if (_signature.length == 0) {
             require(safe.signedMessages(messageHash) != 0, "Hash not approved");
         } else {
-            safe.checkSignatures(messageHash, _signature);
+            // We explicitly do not allow caller approved sigantures for EIP-1271. This is done by setting the executor
+            // address to `0` which can never be an owner of the Safe.
+            safe.checkSignatures(address(0), messageHash, _signature);
         }
         return EIP1271_MAGIC_VALUE;
     }

diff --git a/contracts/handler/extensible/SignatureVerifierMuxer.sol b/contracts/handler/extensible/SignatureVerifierMuxer.sol
@@ -165,7 +165,7 @@ abstract contract SignatureVerifierMuxer is ExtensibleBase, ERC1271, ISignatureV
             require(safe.signedMessages(messageHash) != 0, "Hash not approved");
         } else {
             // threshold signatures
-            safe.checkSignatures(messageHash, messageData, signature);
+            safe.checkSignatures(address(0), messageHash, signature);
         }
         magic = ERC1271.isValidSignature.selector;
     }

diff --git a/contracts/interfaces/ISafe.sol b/contracts/interfaces/ISafe.sol
@@ -76,12 +76,15 @@ interface ISafe is IModuleManager, IGuardManager, IOwnerManager, IFallbackManage
     ) external payable returns (bool success);
 
     /**
-     * @notice Checks whether the signature provided is valid for the provided data and hash. Reverts otherwise.
+     * @notice Checks whether the signature provided is valid for the provided data and hash and executor. Reverts otherwise.
+     * @param executor Address that executes the transaction.
+     *        ⚠️⚠️⚠️ Make sure that the executor address is a legitimate executor.
+     *        Incorrectly passed the executor might reduce the threshold by 1 signature. ⚠️⚠️⚠️
      * @param dataHash Hash of the data (could be either a message hash or transaction hash)
      * @param signatures Signature data that should be verified.
      *                   Can be packed ECDSA signature ({bytes32 r}{bytes32 s}{uint8 v}), contract signature (EIP-1271) or approved hash.
      */
-    function checkSignatures(bytes32 dataHash, bytes memory signatures) external view;
+    function checkSignatures(address executor, bytes32 dataHash, bytes memory signatures) external view;
 
     /**
      * @notice Checks whether the signature provided is valid for the provided data and hash. Reverts otherwise.

diff --git a/test/core/Safe.Signatures.spec.ts b/test/core/Safe.Signatures.spec.ts
@@ -333,7 +333,9 @@ describe("Safe", () => {
                 "0000000000000000000000000000000000000000000000000000000000000020" +
                 "00" + // r, s, v
                 "0000000000000000000000000000000000000000000000000000000000000000"; // Some data to read
-            await expect(safe["checkSignatures(bytes32,bytes)"](txHash, signatures)).to.be.revertedWith("GS021");
+            await expect(safe["checkSignatures(address,bytes32,bytes)"](hre.ethers.ZeroAddress, txHash, signatures)).to.be.revertedWith(
+                "GS021",
+            );
         });
 
         it("should fail if signatures data is not present", async () => {
@@ -352,7 +354,9 @@ describe("Safe", () => {
                 "0000000000000000000000000000000000000000000000000000000000000041" +
                 "00"; // r, s, v
 
-            await expect(safe["checkSignatures(bytes32,bytes)"](txHash, signatures)).to.be.revertedWith("GS022");
+            await expect(safe["checkSignatures(address,bytes32,bytes)"](hre.ethers.ZeroAddress, txHash, signatures)).to.be.revertedWith(
+                "GS022",
+            );
         });
 
         it("should fail if signatures data is too short", async () => {
@@ -372,7 +376,9 @@ describe("Safe", () => {
                 "00" + // r, s, v
                 "0000000000000000000000000000000000000000000000000000000000000020"; // length
 
-            await expect(safe["checkSignatures(bytes32,bytes)"](txHash, signatures)).to.be.revertedWith("GS023");
+            await expect(safe["checkSignatures(address,bytes32,bytes)"](hre.ethers.ZeroAddress, txHash, signatures)).to.be.revertedWith(
+                "GS023",
+            );
         });
 
         it("should not be able to use different chainId for signing", async () => {
@@ -384,7 +390,9 @@ describe("Safe", () => {
             const tx = buildSafeTransaction({ to: safeAddress, nonce: await safe.nonce() });
             const txHash = calculateSafeTransactionHash(safeAddress, tx, await chainId());
             const signatures = buildSignatureBytes([await safeSignTypedData(user1, safeAddress, tx, 1)]);
-            await expect(safe["checkSignatures(bytes32,bytes)"](txHash, signatures)).to.be.revertedWith("GS026");
+            await expect(safe["checkSignatures(address,bytes32,bytes)"](hre.ethers.ZeroAddress, txHash, signatures)).to.be.revertedWith(
+                "GS026",
+            );
         });
 
         it("if not msg.sender on-chain approval is required", async () => {
@@ -397,7 +405,9 @@ describe("Safe", () => {
             const tx = buildSafeTransaction({ to: safeAddress, nonce: await safe.nonce() });
             const txHash = calculateSafeTransactionHash(safeAddress, tx, await chainId());
             const signatures = buildSignatureBytes([await safeApproveHash(user1, safe, tx, true)]);
-            await expect(user2Safe["checkSignatures(bytes32,bytes)"](txHash, signatures)).to.be.revertedWith("GS025");
+            await expect(
+                user2Safe["checkSignatures(address,bytes32,bytes)"](hre.ethers.ZeroAddress, txHash, signatures),
+            ).to.be.revertedWith("GS025");
         });
 
         it("should revert if threshold is not set", async () => {
@@ -406,7 +416,7 @@ describe("Safe", () => {
             const safeAddress = await safe.getAddress();
             const tx = buildSafeTransaction({ to: safeAddress, nonce: await safe.nonce() });
             const txHash = calculateSafeTransactionHash(safeAddress, tx, await chainId());
-            await expect(safe["checkSignatures(bytes32,bytes)"](txHash, "0x")).to.be.revertedWith("GS001");
+            await expect(safe["checkSignatures(address,bytes32,bytes)"](hre.ethers.ZeroAddress, txHash, "0x")).to.be.revertedWith("GS001");
         });
 
         it("should revert if not the required amount of signature data is provided", async () => {
@@ -417,7 +427,7 @@ describe("Safe", () => {
             const safeAddress = await safe.getAddress();
             const tx = buildSafeTransaction({ to: safeAddress, nonce: await safe.nonce() });
             const txHash = calculateSafeTransactionHash(safeAddress, tx, await chainId());
-            await expect(safe["checkSignatures(bytes32,bytes)"](txHash, "0x")).to.be.revertedWith("GS020");
+            await expect(safe["checkSignatures(address,bytes32,bytes)"](hre.ethers.ZeroAddress, txHash, "0x")).to.be.revertedWith("GS020");
         });
 
         it("should not be able to use different signature type of same owner", async () => {
@@ -433,7 +443,9 @@ describe("Safe", () => {
                 await safeSignTypedData(user1, safeAddress, tx),
                 await safeSignTypedData(user3, safeAddress, tx),
             ]);
-            await expect(safe["checkSignatures(bytes32,bytes)"](txHash, signatures)).to.be.revertedWith("GS026");
+            await expect(safe["checkSignatures(address,bytes32,bytes)"](hre.ethers.ZeroAddress, txHash, signatures)).to.be.revertedWith(
+                "GS026",
+            );
         });
 
         it("should be able to mix all signature types", async () => {
@@ -448,11 +460,9 @@ describe("Safe", () => {
                 fallbackHandler: compatFallbackHandlerAddress,
             });
             const signerSafeAddress = await signerSafe.getAddress();
-            const safe = (
-                await getSafe({
-                    owners: [user1.address, user2.address, user3.address, user4.address, signerSafeAddress],
-                })
-            ).connect(user1);
+            const safe = await getSafe({
+                owners: [user1.address, user2.address, user3.address, user4.address, signerSafeAddress],
+            });
             const safeAddress = await safe.getAddress();
             const tx = buildSafeTransaction({ to: safeAddress, nonce: await safe.nonce() });
             const txHash = calculateSafeTransactionHash(safeAddress, tx, await chainId());
@@ -469,7 +479,7 @@ describe("Safe", () => {
                 signerSafeSig,
             ]);
 
-            await safe["checkSignatures(bytes32,bytes)"](txHash, signatures);
+            await safe["checkSignatures(address,bytes32,bytes)"](user1.address, txHash, signatures);
         });
     });
 
@@ -612,13 +622,11 @@ describe("Safe", () => {
                 fallbackHandler: compatFallbackHandlerAddress,
             });
             const signerSafeAddress = await signerSafe.getAddress();
-            const safe = (
-                await getSafe({
-                    owners: [user1.address, user2.address, user3.address, user4.address, signerSafeAddress],
-                    threshold: 5,
-                    fallbackHandler: compatFallbackHandlerAddress,
-                })
-            ).connect(user1);
+            const safe = await getSafe({
+                owners: [user1.address, user2.address, user3.address, user4.address, signerSafeAddress],
+                threshold: 5,
+                fallbackHandler: compatFallbackHandlerAddress,
+            });
             const safeAddress = await safe.getAddress();
             const tx = buildSafeTransaction({ to: safeAddress, nonce: await safe.nonce() });
             const txHash = calculateSafeTransactionHash(safeAddress, tx, await chainId());
@@ -635,7 +643,7 @@ describe("Safe", () => {
                 signerSafeSig,
             ]);
 
-            await safe["checkSignatures(bytes32,bytes,bytes)"](txHash, "0x", signatures);
+            await safe.connect(user1)["checkSignatures(bytes32,bytes,bytes)"](txHash, "0x", signatures);
         });
     });
 
@@ -1021,13 +1029,11 @@ describe("Safe", () => {
                 fallbackHandler: compatFallbackHandlerAddress,
             });
             const signerSafeAddress = await signerSafe.getAddress();
-            const safe = (
-                await getSafe({
-                    owners: [user1.address, user2.address, user3.address, user4.address, signerSafeAddress],
-                    threshold: 5,
-                    fallbackHandler: compatFallbackHandlerAddress,
-                })
-            ).connect(user1);
+            const safe = await getSafe({
+                owners: [user1.address, user2.address, user3.address, user4.address, signerSafeAddress],
+                threshold: 5,
+                fallbackHandler: compatFallbackHandlerAddress,
+            });
             const safeAddress = await safe.getAddress();
             const tx = buildSafeTransaction({ to: safeAddress, nonce: await safe.nonce() });
             const txHash = calculateSafeTransactionHash(safeAddress, tx, await chainId());
@@ -1044,7 +1050,7 @@ describe("Safe", () => {
                 signerSafeSig,
             ]);
 
-            await safe["checkNSignatures(bytes32,bytes,bytes,uint256)"](txHash, "0x", signatures, 5);
+            await safe.connect(user1)["checkNSignatures(bytes32,bytes,bytes,uint256)"](txHash, "0x", signatures, 5);
         });
 
         it("should be able to require no signatures", async () => {

diff --git a/test/handlers/CompatibilityFallbackHandler.spec.ts b/test/handlers/CompatibilityFallbackHandler.spec.ts
@@ -124,9 +124,37 @@ describe("CompatibilityFallbackHandler", () => {
 
             const signerSafeSig = buildContractSignature(signerSafeAddress, signerSafeOwnerSignature.data);
 
-            expect(
-                await validator.isValidSignature.staticCall(dataHash, buildSignatureBytes([typedDataSig, ethSignSig, signerSafeSig])),
-            ).to.be.eq("0x1626ba7e");
+            for (const signatures of [
+                [typedDataSig, ethSignSig],
+                [typedDataSig, signerSafeSig],
+                [ethSignSig, signerSafeSig],
+            ]) {
+                expect(await validator.isValidSignature.staticCall(dataHash, buildSignatureBytes(signatures))).to.be.eq("0x1626ba7e");
+            }
+        });
+
+        it("should not accept pre-approved signatures", async () => {
+            const {
+                validator,
+                signers: [user1, user2],
+            } = await setupTests();
+            const validatorAddress = await validator.getAddress();
+            const dataHash = ethers.keccak256("0xbaddad");
+            const user1Signature = {
+                signer: user1.address,
+                data: ethers.solidityPacked(["uint256", "uint256", "uint8"], [user1.address, 0, 1]),
+            };
+            const user2Signature = {
+                signer: user2.address,
+                data: await user2.signTypedData(
+                    { verifyingContract: validatorAddress, chainId: await chainId() },
+                    EIP712_SAFE_MESSAGE_TYPE,
+                    { message: dataHash },
+                ),
+            };
+
+            const signatures = buildSignatureBytes([user1Signature, user2Signature]);
+            await expect(validator.connect(user1).isValidSignature.staticCall(dataHash, signatures)).to.be.reverted;
         });
     });
 

diff --git a/test/handlers/ExtensibleFallbackHandler.spec.ts b/test/handlers/ExtensibleFallbackHandler.spec.ts
@@ -496,6 +496,27 @@ describe("ExtensibleFallbackHandler", () => {
                 );
             });
 
+            it("should not accept pre-approved signatures", async () => {
+                const { user1, user2, validator } = await setupTests();
+                const validatorAddress = await validator.getAddress();
+                const dataHash = ethers.keccak256("0xbaddad");
+                const user1Signature = {
+                    signer: user1.address,
+                    data: ethers.solidityPacked(["uint256", "uint256", "uint8"], [user1.address, 0, 1]),
+                };
+                const user2Signature = {
+                    signer: user2.address,
+                    data: await user2.signTypedData(
+                        { verifyingContract: validatorAddress, chainId: await chainId() },
+                        EIP712_SAFE_MESSAGE_TYPE,
+                        { message: dataHash },
+                    ),
+                };
+
+                const signatures = buildSignatureBytes([user1Signature, user2Signature]);
+                await expect(validator.connect(user1).isValidSignature.staticCall(dataHash, signatures)).to.be.reverted;
+            });
+
             it("should send EIP-712 context to custom verifier", async () => {
                 const { user1, user2, safe, validator, revertVerifier } = await setupTests();
                 const domainSeparator = ethers.keccak256("0xdeadbeef");