added unsecure signatures vulnerability

[wafardev]

Related Issue

• Closes: (Ecrecover vulnerability #99)

Checklist

• I have read and followed the style guide

Describe the changes you've made:

This contribution adds a new vulnerability section titled Unsecure Signatures. The submission explains the potential risks associated with the improper use of the ecrecover function, including:

1. Null Address Recovery: The potential for ecrecover to return address(0) and pass validation checks under certain circumstances.
2. Signature Malleability: An attacker’s ability to create different valid signatures for the same message by altering r and s.
3. Signature Replay: Reuse of previously signed messages to replay actions on the contract.
4. Front-Running: Risk of attackers exploiting pending transactions to drain contract funds.

Additionally, I propose the use of EIP-712 and OpenZeppelin’s ECDSA library as a mitigation to these risks. This update explains how adopting structured data signing with EIP-712 ensures that signatures are unique to the contract, chain, and message, preventing unauthorized actions through signature replay or manipulation.

The submission includes:

• A vulnerable code example showcasing improper usage of ecrecover in an ownership-changing function.
• A secure code example using EIP-712 and OpenZeppelin’s ECDSA library to ensure robust signature verification and protection against replay attacks, signature malleability, and null address recovery.

Type of change

• Bug fix (fixing an issue with existing vulnerability data)
• New feature (adding a new vulnerability or category)
• Documentation update (improving existing information)

Additional Information

This vulnerability could either fit under existing categories such as "Authorization" or "Signature Validation", or it may require a new category/tag like Unsecure Signatures or Signature Replay Vulnerabilities. Please advise if a new tag is needed for better categorization.

Additionally, the code examples and mitigations highlight the importance of using canonical signatures and ensuring that all contracts are immune to replay and front-running attacks, especially when ecrecover is involved. This contribution also introduces a section explaining the relevance of nonce management to protect against front-running.

[kadenzipfel]

Sorry for taking so long to review

[kadenzipfel]

Also this should either update this file: https://github.com/kadenzipfel/smart-contract-vulnerabilities/blob/master/vulnerabilities/unexpected-ecrecover-null-address.md or replace it, including updating the README to link to the correct file

Edit: I've updated the original file to contextually remove the problem you reported. If you have the time/bandwidth and can review it that would be much appreciated. Also feel free to improve it with a better example like what you've got here, i.e. including EIP-712 and such