EIP712Base Manual Review Findings

EIP-01M: Improper Domain Seperator Initialization

Description:

The EIP712 domain seperator of the contract is initialized only once instead of being calculated each time it is required. This can cause complication in case of a fork as the chainid member will change while the domain seperator will remain incorrect.

Example:

Copy
23// supposed to be called once while initializing.
24// one of the contractsa that inherits this contract follows proxy pattern
25// so it is not possible to do this in a constructor
26function _initializeEIP712(
27    string memory name
28)
29    internal
30    initializer
31{
32    _setDomainSeperator(name);
33}
34
35function _setDomainSeperator(string memory name) internal {
36    domainSeperator = keccak256(
37        abi.encode(
38            EIP712_DOMAIN_TYPEHASH,
39            keccak256(bytes(name)),
40            keccak256(bytes(ERC712_VERSION)),
41            address(this),
42            bytes32(getChainId())
43        )
44    );
45}

Recommendation:

We advise a form of caching implementation to be utilized similar to the draft-EIP712 implementation of OpenZeppelin whereby the domain seperator of the current chain is cached and if the chainid changes, it is freshly calculated again.

Alleviation:

The EIP domain is now properly rebuilt in case the chain ID mismatches the latest stored one thereby alleviating this exhibit in full.