Organization
- @Tea-1452
Engagement Type
Cantina Reviews
Period
-
Repositories
Findings
Low Risk
2 findings
2 fixed
0 acknowledged
Informational
1 finding
1 fixed
0 acknowledged
Low Risk (2 findings)
Incorrect recovered address when signer's fallback function is triggered
Description
If the signer has a fallback function but no isValidSignature function, the call returns arbitrary data rather than the magic value. This case correctly returns false; however, the recovered variable is not correct, since it still holds the address recovered by the ECDSA logic.
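The failure mode described above, as an added example that is not the Tea token's code: an ERC-1271-aware validation helper that discards the ECDSA-derived address on the contract-signer path, so a caller can never mistake it for an authenticated signer when the magic value is missing. `SignerCheck`, `validate` and `_recover` are hypothetical names; `IERC1271` is the standard interface.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration, not the Tea token's code. IERC1271 is the standard
// interface; SignerCheck, validate and _recover are hypothetical names.
interface IERC1271 {
    function isValidSignature(bytes32 hash, bytes calldata signature)
        external view returns (bytes4 magicValue);
}

library SignerCheck {
    // secp256k1 group order / 2: reject high-s values to rule out malleable signatures.
    uint256 private constant HALF_N =
        0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0;

    /// Returns (valid, recovered). On the contract-signer path `recovered` is
    /// always address(0): the ECDSA-derived address means nothing there, and
    /// handing it back on failure is exactly the bug in the finding above.
    function validate(address signer, bytes32 digest, bytes calldata signature)
        internal view returns (bool valid, address recovered)
    {
        if (signer.code.length == 0) {
            // EOA path: the ECDSA-recovered address is authoritative.
            recovered = _recover(digest, signature);
            return (recovered != address(0) && recovered == signer, recovered);
        }
        // Contract path. A signer that only has a fallback function returns
        // arbitrary data, so compare against the magic value and drop the
        // ECDSA result whatever the outcome. Caveat: return data that cannot
        // be ABI-decoded as bytes4 (e.g. empty) reverts here and is not caught.
        try IERC1271(signer).isValidSignature(digest, signature) returns (bytes4 magicValue) {
            return (magicValue == IERC1271.isValidSignature.selector, address(0));
        } catch {
            return (false, address(0));
        }
    }

    function _recover(bytes32 digest, bytes calldata signature) private pure returns (address) {
        if (signature.length != 65) return address(0);
        bytes32 r; bytes32 s; uint8 v;
        assembly {
            r := calldataload(signature.offset)
            s := calldataload(add(signature.offset, 32))
            v := byte(0, calldataload(add(signature.offset, 64)))
        }
        if (uint256(s) > HALF_N || (v != 27 && v != 28)) return address(0);
        return ecrecover(digest, v, r, s); // address(0) on an invalid signature
    }
}
```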
Recommendation
Consider explicitly setting the recovered address to address(0):

```diff
 try IERC1271(signer).isValidSignature(digest, signature) returns (bytes4 magicValue) {
     if (magicValue == IERC1271.isValidSignature.selector) {
         return (true, address(0));
+    } else {
+        return (false, address(0)); // or recovered = address(0)
     }
 } catch {
     return (false, recovered);
 }
```

increase & decrease allowance can be removed
Summary
The increase & decrease allowance functionalities were removed from OpenZeppelin for security reasons; hence I recommend removing them here as well.
Recommendation
Unless strictly required, it is advised to conform to modern security standards and also simplify the contract by removing this functionality.
Informational (1 finding)
Unused structs, variables & imports
Description
At the various places linked below, these variables, structs & imports are not used anywhere.
- https://github.com/davidtai/tea-token/blob/9b3e637e5feb9c52f057c06af4b27beb3366a8f2/src/TeaToken/ERC20PermitWithERC1271.sol#L13-L43
- https://github.com/davidtai/tea-token/blob/9b3e637e5feb9c52f057c06af4b27beb3366a8f2/src/TeaToken/EIP3009.sol#L30-L77
- https://github.com/davidtai/tea-token/blob/9b3e637e5feb9c52f057c06af4b27beb3366a8f2/src/TeaToken/Tea.sol#L36-L38
- https://github.com/davidtai/tea-token/blob/9b3e637e5feb9c52f057c06af4b27beb3366a8f2/src/TeaToken/Tea.sol#L19
Recommendation
- Consider removing them