_Follow along with the video lesson:_ --- ### Exploit - Signature Replay Introduction Alright, there seems to be a lot going on in the sendToL1 function, lots of complicated signature stuff. Is there any way we can break this? ```js function sendToL1(uint8 v, bytes32 r, bytes32 s, bytes memory message) public nonReentrant whenNotPaused { address signer = ECDSA.recover(MessageHashUtils.toEthSignedMessageHash(keccak256(message)), v, r, s); if (!signers[signer]) { revert L1BossBridge__Unauthorized(); } (address target, uint256 value, bytes memory data) = abi.decode(message, (address, uint256, bytes)); (bool success,) = target.call{ value: value }(data); if (!success) { revert L1BossBridge__CallFailed(); } } ``` Consider the nature of the blockchain. Any data passed to a transaction is publicly accessible. Once a signed message's v, r and s are made public, on-chain, anyone could execute this transaction, technically. ... What happens if the transaction happens twice? Let's find out, with an example, in the next lesson!
Learn about cryptographic verification and blockchain signatures as well as preserving the integrity of signed messages.
Previous lesson
Previous
Next lesson
Next
Give us feedback
Solidity Developer
Smart Contract SecurityDuration: 25min
Duration: 1h 18min
Duration: 35min
Duration: 2h 28min
Duration: 5h 03min
Duration: 5h 22min
Duration: 4h 33min
Duration: 2h 01min
Duration: 1h 40min