Dev Tools · 1h ago
Signature Replay Bugs in Solidity: How to Spot the Subtle Ones
Signature replay attacks let attackers reuse a valid signature indefinitely, draining funds. Three variants exist: no nonce, no domain separator (cross-chain), and nonce reset. Fixes include nonces, EIP-712 domain separators, and monotonic nonce management.
Meridian48 take
This is a practical deep-dive for Solidity devs, but the cross-chain variant is especially relevant as multi-chain protocols proliferate.
Read the full reporting
Signature Replay Attacks in Solidity: The Bug That Looks Correct →
DEV Community
soliditysmart-contract-security