Omniscia Kyber Network Audit
UniswapV4KEMHook Manual Review Findings
UniswapV4KEMHook Manual Review Findings
UVK-01M: Inexistent Restriction of Signature Submitter
| Type | Severity | Location |
|---|---|---|
| Logical Fault |  | UniswapV4KEMHook.sol:L124-L135 |
Description:
The signature validation process in the UniswapV4KEMHook::beforeSwap function will not incorporate the whitelisted sender into the signed payload, permitting any of the multiple whitelisted senders to utilize a single signature.
Impact:
Any whitelisted member can presently utilize any signature as long as it is valid which we consider incorrect.
If signatures were being consumed, this exhibit would have been considered to be of medium severity, however, the present flaw simply permits a higher degree of access than expected.
Example:
102function beforeSwap(103 address sender,104 PoolKey calldata key,105 IPoolManager.SwapParams calldata params,106 bytes calldata hookData107) external view onlyPoolManager returns (bytes4, BeforeSwapDelta, uint24) {108 require(whitelisted[sender], NonWhitelistedAccount(sender));109 require(params.amountSpecified < 0, ExactOutputDisabled());110
111 (112 int256 maxAmountIn,113 int256 maxExchangeRate,114 int256 exchangeRateDenom,115 uint256 expiryTime,116 bytes memory signature117 ) = HookDataDecoder.decodeAllHookData(hookData);118
119 require(block.timestamp <= expiryTime, ExpiredSignature(expiryTime, block.timestamp));120 require(121 -params.amountSpecified <= maxAmountIn,122 ExceededMaxAmountIn(maxAmountIn, -params.amountSpecified)123 );124 require(125 SignatureChecker.isValidSignatureNow(126 quoteSigner,127 keccak256(128 abi.encode(129 key, params.zeroForOne, maxAmountIn, maxExchangeRate, exchangeRateDenom, expiryTime130 )131 ),132 signature133 ),134 InvalidSignature()135 );136
137 return (this.beforeSwap.selector, BeforeSwapDeltaLibrary.ZERO_DELTA, 0);138}Recommendation:
We advise the sender to be incorporated into the signed payload so as to prevent the consumption of signatures meant for different senders.
Alleviation:
The sender has been incorporated within the signature payload itself, rendering the original whitelisted enforcement redundant and alleviating the vulnerability described.
UVK-02M: Inexistent Consumption of Signature
| Type | Severity | Location |
|---|---|---|
| Logical Fault |  | UniswapV4KEMHook.sol:L124-L135 |
Description:
The quoteSigner signature can be replayed indefinitely before its expiryTime as it is not consumed.
Impact:
A signed payload can be repeated an infinite number of times, effectively bypassing the maxAmountIn restriction.
Example:
124require(125 SignatureChecker.isValidSignatureNow(126 quoteSigner,127 keccak256(128 abi.encode(129 key, params.zeroForOne, maxAmountIn, maxExchangeRate, exchangeRateDenom, expiryTime130 )131 ),132 signature133 ),134 InvalidSignature()135);136
137return (this.beforeSwap.selector, BeforeSwapDeltaLibrary.ZERO_DELTA, 0);Recommendation:
We advise the signature to be marked as consumed by utilizing a nonce per quoteSigner, preventing signature replay attacks.
Alleviation:
An UnorderedNonce implementation has been introduced to the codebase that permits nonces to be marked as consumed, allowing nonces to be incorporated to the signed payload consumed for each UniswapV4KEMHook::beforeSwap operation.