@1inch/solidity-utils 2.1.0 → 2.1.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/contracts/libraries/ECDSA.sol +22 -5
- package/package.json +21 -21
|
@@ -54,20 +54,37 @@ library ECDSA {
|
|
|
54
54
|
}
|
|
55
55
|
}
|
|
56
56
|
|
|
57
|
-
///
|
|
57
|
+
/// WARNING!!!
|
|
58
|
+
/// There is a known signature malleability issue with two representations of signatures!
|
|
59
|
+
/// Even though this function is able to verify both standard 65-byte and compact 64-byte EIP-2098 signatures
|
|
60
|
+
/// one should never use raw signatures for any kind of invalidation logic in their code.
|
|
61
|
+
/// As the standard and compact representations are interchangeable any invalidation logic that relies on
|
|
62
|
+
/// signature uniqueness will get rekt.
|
|
63
|
+
/// More info: https://github.com/OpenZeppelin/openzeppelin-contracts/security/advisories/GHSA-4h98-2769-gh6h
|
|
58
64
|
function recover(bytes32 hash, bytes calldata signature) internal view returns(address signer) {
|
|
59
65
|
/// @solidity memory-safe-assembly
|
|
60
66
|
assembly { // solhint-disable-line no-inline-assembly
|
|
61
|
-
|
|
62
|
-
if eq(signature.length, 64) {
|
|
63
|
-
let ptr := mload(0x40)
|
|
67
|
+
let ptr := mload(0x40)
|
|
64
68
|
|
|
69
|
+
// memory[ptr:ptr+0x80] = (hash, v, r, s)
|
|
70
|
+
switch signature.length
|
|
71
|
+
case 65 {
|
|
72
|
+
// memory[ptr+0x20:ptr+0x80] = (v, r, s)
|
|
73
|
+
mstore(add(ptr, 0x20), byte(0, calldataload(add(signature.offset, 0x40))))
|
|
74
|
+
calldatacopy(add(ptr, 0x40), signature.offset, 0x40)
|
|
75
|
+
}
|
|
76
|
+
case 64 {
|
|
65
77
|
// memory[ptr+0x20:ptr+0x80] = (v, r, s)
|
|
66
78
|
let vs := calldataload(add(signature.offset, 0x20))
|
|
67
79
|
mstore(add(ptr, 0x20), add(27, shr(_COMPACT_V_SHIFT, vs)))
|
|
68
80
|
calldatacopy(add(ptr, 0x40), signature.offset, 0x20)
|
|
69
81
|
mstore(add(ptr, 0x60), and(vs, _COMPACT_S_MASK))
|
|
82
|
+
}
|
|
83
|
+
default {
|
|
84
|
+
ptr := 0
|
|
85
|
+
}
|
|
70
86
|
|
|
87
|
+
if ptr {
|
|
71
88
|
if lt(mload(add(ptr, 0x60)), _S_BOUNDARY) {
|
|
72
89
|
// memory[ptr:ptr+0x20] = (hash)
|
|
73
90
|
mstore(ptr, hash)
|
|
@@ -82,7 +99,7 @@ library ECDSA {
|
|
|
82
99
|
|
|
83
100
|
function recoverOrIsValidSignature(address signer, bytes32 hash, bytes calldata signature) internal view returns(bool success) {
|
|
84
101
|
if (signer == address(0)) return false;
|
|
85
|
-
if (signature.length == 64 && recover(hash, signature) == signer) {
|
|
102
|
+
if ((signature.length == 64 || signature.length == 65) && recover(hash, signature) == signer) {
|
|
86
103
|
return true;
|
|
87
104
|
}
|
|
88
105
|
return isValidSignature(signer, hash, signature);
|
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@1inch/solidity-utils",
|
|
3
|
-
"version": "2.1.
|
|
3
|
+
"version": "2.1.1",
|
|
4
4
|
"main": "dist/src/index.js",
|
|
5
5
|
"types": "dist/src/index.d.ts",
|
|
6
6
|
"repository": {
|
|
@@ -27,49 +27,49 @@
|
|
|
27
27
|
},
|
|
28
28
|
"dependencies": {
|
|
29
29
|
"@metamask/eth-sig-util": "4.0.1",
|
|
30
|
-
"@openzeppelin/contracts": "4.
|
|
31
|
-
"@openzeppelin/test-helpers": "0.5.
|
|
30
|
+
"@openzeppelin/contracts": "4.7.3",
|
|
31
|
+
"@openzeppelin/test-helpers": "0.5.16",
|
|
32
32
|
"bn.js": "5.2.1",
|
|
33
33
|
"chai": "4.3.6",
|
|
34
34
|
"chai-as-promised": "7.1.1",
|
|
35
35
|
"chai-bn": "0.3.1",
|
|
36
36
|
"ethereumjs-util": "7.1.5",
|
|
37
|
-
"web3-utils": "1.
|
|
37
|
+
"web3-utils": "1.8.0"
|
|
38
38
|
},
|
|
39
39
|
"devDependencies": {
|
|
40
|
-
"@nomiclabs/hardhat-truffle5": "2.0.
|
|
40
|
+
"@nomiclabs/hardhat-truffle5": "2.0.7",
|
|
41
41
|
"@nomiclabs/hardhat-web3": "2.0.0",
|
|
42
|
-
"@typechain/hardhat": "
|
|
42
|
+
"@typechain/hardhat": "6.1.3",
|
|
43
43
|
"@typechain/truffle-v5": "7.0.0",
|
|
44
|
-
"@types/chai": "4.3.
|
|
44
|
+
"@types/chai": "4.3.3",
|
|
45
45
|
"@types/chai-as-promised": "7.1.5",
|
|
46
46
|
"@types/eth-sig-util": "2.1.1",
|
|
47
47
|
"@types/ethereumjs-util": "6.1.0",
|
|
48
48
|
"@types/mocha": "9.1.1",
|
|
49
|
-
"@types/node": "18.
|
|
50
|
-
"@typescript-eslint/eslint-plugin": "5.
|
|
51
|
-
"@typescript-eslint/parser": "5.
|
|
49
|
+
"@types/node": "18.7.18",
|
|
50
|
+
"@typescript-eslint/eslint-plugin": "5.38.0",
|
|
51
|
+
"@typescript-eslint/parser": "5.38.0",
|
|
52
52
|
"acquit": "1.2.1",
|
|
53
|
-
"commander": "9.
|
|
53
|
+
"commander": "9.4.0",
|
|
54
54
|
"create-ts-index": "1.14.0",
|
|
55
55
|
"cross-spawn": "7.0.3",
|
|
56
|
-
"dotenv": "16.0.
|
|
57
|
-
"eslint": "8.
|
|
56
|
+
"dotenv": "16.0.2",
|
|
57
|
+
"eslint": "8.23.1",
|
|
58
58
|
"eslint-config-standard": "17.0.0",
|
|
59
59
|
"eslint-plugin-import": "2.26.0",
|
|
60
|
-
"eslint-plugin-n": "15.2.
|
|
61
|
-
"eslint-plugin-promise": "6.0.
|
|
60
|
+
"eslint-plugin-n": "15.2.5",
|
|
61
|
+
"eslint-plugin-promise": "6.0.1",
|
|
62
62
|
"eslint-plugin-standard": "5.0.0",
|
|
63
63
|
"ethereumjs-wallet": "1.0.2",
|
|
64
|
-
"hardhat": "2.
|
|
65
|
-
"hardhat-gas-reporter": "1.0.
|
|
64
|
+
"hardhat": "2.11.2",
|
|
65
|
+
"hardhat-gas-reporter": "1.0.9",
|
|
66
66
|
"rimraf": "3.0.2",
|
|
67
67
|
"shx": "0.3.4",
|
|
68
68
|
"solhint": "3.3.7",
|
|
69
|
-
"solidity-coverage": "0.
|
|
70
|
-
"ts-node": "10.
|
|
71
|
-
"typechain": "7.0.
|
|
72
|
-
"typescript": "4.
|
|
69
|
+
"solidity-coverage": "0.8.2",
|
|
70
|
+
"ts-node": "10.9.1",
|
|
71
|
+
"typechain": "7.0.1",
|
|
72
|
+
"typescript": "4.8.3"
|
|
73
73
|
},
|
|
74
74
|
"bin": {
|
|
75
75
|
"solidity-utils-docify": "utils/docify.utils.js",
|