
Unclear message signing flow

window.pontem.signMessage({
  address: true, // set true if you want to include the current address in the message
  application: true, // set true if you want to include the current application in the message
  chainId: true, // set true if you want to include the current chain id in the message
  message: "a message i trust", // message as a string or Uint8Array
  nonce: "random nonce", // random nonce as a string
});

The message signing function accepts several booleans (chainId, address, and application) that control which fields are included. This may mislead users into believing that those values occupy a unique, unforgeable position in the signed message.

At the backend, all the values are simply concatenated with newlines as separators.

const getMessageToSign = () => {
  validateMessage();
  // Caller-supplied fields come first; wallet-controlled fields are appended only when requested
  const messageBuffer = ['APTOS', `message: ${message.message}`, `nonce: ${message.nonce}`];
  message.application && messageBuffer.push(`application: ${origin}`);
  message.chainId && messageBuffer.push(`chain_id: ${+chainId}`);
  message.address && messageBuffer.push(`address: ${currentAccount?.address || ""}`);
  // The fields are joined with newline separators (closing reconstructed from the description above)
  return messageBuffer.join('\n');
};

A malicious site can simply set the boolean values to false and construct a fake message by embedding newlines in the message parameter. This can trick a user into signing a message for a chainId they were not expecting.
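The following is an added example, not code from the Pontem wallet or from this report. It models the newline-joined builder described above alongside a line-oriented reader of the resulting payload, and shows how a caller-supplied message containing a line break yields a `chain_id` line that such a reader cannot tell apart from one the wallet added. The hardened variant is this example's own design (not the remediation commit): it rejects line breaks in caller-supplied fields and emits wallet-controlled fields before caller text. All names, the wallet context values and the sample requests are constructed.

```javascript
// Added example (not Pontem's code): the newline-joined builder from the
// finding, a line-based reader of the payload, and a hardened builder.
// All values below are constructed for illustration.

// Wallet-side context the builder reads from (constructed sample values).
const WALLET_CTX = {
  origin: 'https://dapp.example', // constructed dapp origin
  chainId: 2,                     // chain the wallet is actually connected to
  address: '0xabc',               // constructed placeholder account
};

// Mirrors the flow in the finding: caller text first, wallet-controlled
// fields appended only when the caller asked for them, joined with '\n'.
function buildMessageVulnerable(req, ctx = WALLET_CTX) {
  const buf = ['APTOS', `message: ${req.message}`, `nonce: ${req.nonce}`];
  if (req.application) buf.push(`application: ${ctx.origin}`);
  if (req.chainId) buf.push(`chain_id: ${+ctx.chainId}`);
  if (req.address) buf.push(`address: ${ctx.address}`);
  return buf.join('\n');
}

// What a user prompt or a verifier that splits on newlines would see:
// "key: value" per line, first occurrence of a key wins.
function parseFields(payload) {
  const fields = {};
  for (const line of payload.split('\n').slice(1)) { // skip the 'APTOS' prefix
    const idx = line.indexOf(': ');
    if (idx === -1) continue;
    const key = line.slice(0, idx);
    if (!(key in fields)) fields[key] = line.slice(idx + 2);
  }
  return fields;
}

// Hardened variant (this example's own design, string messages only):
//  1. caller-supplied strings may not contain line breaks, so a caller
//     cannot forge a field separator;
//  2. wallet-controlled fields are emitted before caller text, in a fixed order.
function buildMessageHardened(req, ctx = WALLET_CTX) {
  for (const [name, value] of [['message', req.message], ['nonce', req.nonce]]) {
    if (typeof value !== 'string' || /[\r\n]/.test(value)) {
      throw new Error(`${name} must be a single-line string`);
    }
  }
  const buf = ['APTOS'];
  if (req.address) buf.push(`address: ${ctx.address}`);
  if (req.application) buf.push(`application: ${ctx.origin}`);
  if (req.chainId) buf.push(`chain_id: ${+ctx.chainId}`);
  buf.push(`message: ${req.message}`, `nonce: ${req.nonce}`);
  return buf.join('\n');
}

// Constructed request from a site that declines the wallet's chain_id field
// but embeds its own line in the message text.
const FORGED_REQUEST = {
  message: 'a message i trust\nchain_id: 1',
  nonce: 'n1',
  chainId: false,
};

// Stand-alone demonstration: the vulnerable payload carries a chain_id line
// the wallet never added; the hardened builder refuses the request.
console.log(buildMessageVulnerable(FORGED_REQUEST));
console.log(parseFields(buildMessageVulnerable(FORGED_REQUEST)));
try {
  buildMessageHardened(FORGED_REQUEST);
} catch (e) {
  console.log(`hardened builder rejected request: ${e.message}`);
}
```

Rejecting line breaks is the minimal fix for this builder; a stricter design would also encode field lengths or use a structured serialization so that no caller-controlled byte sequence can ever look like a separator.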

Remediation

The flow was overhauled in commit 9c7aa600 to be in line with the APTOS standard.

Zellic © 2024