Last Updated on August 8, 2023 by Bitfinsider
The ‘assetProtection’ role in PYUSD’s contract was highlighted by smart contract security auditor Pashov in a recent Twitter thread. Your balance can be wiped in two transactions: “freeze” followed by “wipeFrozenAddress.”
This counts as an attack vector because the role is a single point of control: whoever holds the key behind it, legitimately or after a compromise, can freeze and then erase any holder's balance, so the damage an attacker could do with that key is far greater than with an ordinary account.
Pashov noted that PYUSD is compiled with Solidity 0.4.24 and uses six decimals. Even more intriguing is the fact that this smart contract does not “implement EIP-712 as the standard expects you to.”
Ethereum Improvement Proposal 712 (EIP-712), a standard from 2017, is what lets wallets such as MetaMask show structured, human-readable data in signing prompts instead of an opaque hexadecimal string. Because users can see the actual fields they are signing, it improves both security and usability.
To support EIP-712, developers define the typed data structures and a domain separator, which binds a signature to one dapp and one contract so that it cannot be replayed elsewhere. They then write contract code that hashes those structures, dapp-side signing code that hands the typed data to the user's wallet, and on-chain ecrecover logic that checks the signatures. Overall, EIP-712 protects users against phishing and makes the content of what they sign legible.
ecrecover is an EVM precompile, exposed in Solidity as a built-in function, that lets contracts verify signatures over off-chain data. It takes a 32-byte hash and the signature components v, r and s and returns the Ethereum address whose key produced the signature. This is what makes patterns such as permit-style token approvals and meta-transactions possible.
Signatures can be produced under several schemes, including EIP-712, personal_sign and eth_sign. EIP-712 is the recommended way for contracts to accept signed data because it defends against misuse and replay: the digest covers both the message fields and contract-specific data such as the chain ID and the verifying contract's address. OpenZeppelin's contracts library ships hardened ECDSA and EIP712 helpers, and they matter in practice: the raw precompile returns the zero address for an invalid signature, which a contract must reject explicitly, and it accepts both of the two s values that verify for the same message unless the caller restricts s to the lower half of the curve order. The overall goal of ecrecover is to let contracts cryptographically check data that was signed off-chain.
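As an added, runnable illustration of the three pieces just described (struct hashing, the domain separator, and ecrecover), here is a pure-Python model. It is not code from this page, from Pashov, or from the PYUSD contract. It implements Keccak-256 and secp256k1 public-key recovery from scratch so that it runs with the standard library alone (Python 3.8 or newer, for pow(x, -1, m)), and it reuses the Mail/Person example, the "Ether Mail" domain and the test signature published in the EIP-712 specification as its sample input. The function names (verify_mail, mail_struct_hash, typed_data_digest and the helpers) are chosen here for illustration and are not an API of any library.

```python
"""EIP-712 digest construction and an ecrecover equivalent in pure Python (stdlib only)."""

# Keccak-256, Ethereum's hash. hashlib.sha3_256 is NOT a substitute: NIST changed the padding byte.
_RC = [0x1, 0x8082, 0x800000000000808A, 0x8000000080008000, 0x808B, 0x80000001,
       0x8000000080008081, 0x8000000000008009, 0x8A, 0x88, 0x80008009, 0x8000000A,
       0x8000808B, 0x800000000000008B, 0x8000000000008089, 0x8000000000008003,
       0x8000000000008002, 0x8000000000000080, 0x800A, 0x800000008000000A,
       0x8000000080008081, 0x8000000000008080, 0x80000001, 0x8000000080008008]
_ROT = [[0, 36, 3, 41, 18], [1, 44, 10, 45, 2], [62, 6, 43, 15, 61],
        [28, 55, 25, 21, 56], [27, 20, 39, 8, 14]]                  # rho offsets r[x][y]
def _rol(v, n):
    return ((v << n) | (v >> (64 - n))) & ((1 << 64) - 1)
def _keccak_f(a):                                 # a[x + 5*y] is lane (x, y)
    for rc in _RC:
        c = [a[x] ^ a[x + 5] ^ a[x + 10] ^ a[x + 15] ^ a[x + 20] for x in range(5)]
        d = [c[(x - 1) % 5] ^ _rol(c[(x + 1) % 5], 1) for x in range(5)]
        a = [a[i] ^ d[i % 5] for i in range(25)]                                   # theta
        b = [0] * 25
        for x in range(5):
            for y in range(5):
                b[y + 5 * ((2 * x + 3 * y) % 5)] = _rol(a[x + 5 * y], _ROT[x][y])  # rho + pi
        a = [b[i] ^ (~b[(i + 1) % 5 + 5 * (i // 5)] & b[(i + 2) % 5 + 5 * (i // 5)])
             for i in range(25)]                                                   # chi
        a[0] ^= rc                                                                 # iota
    return a
def keccak256(data: bytes) -> bytes:
    msg = bytearray(data) + b"\x01"               # original Keccak pad10*1 (0x01 ... 0x80), not SHA-3's 0x06
    msg += b"\x00" * (-len(msg) % 136)            # rate = (1600 - 2*256) / 8 = 136 bytes
    msg[-1] |= 0x80
    st = [0] * 25
    for off in range(0, len(msg), 136):
        for i in range(17):
            st[i] ^= int.from_bytes(msg[off + 8 * i:off + 8 * i + 8], "little")
        st = _keccak_f(st)
    return b"".join(lane.to_bytes(8, "little") for lane in st[:4])

# secp256k1 public-key recovery: the math behind the ecrecover precompile
_P = 2**256 - 2**32 - 977
_N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
_G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
      0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
def _add(p, q):                                   # affine addition; None is the point at infinity
    if p is None or q is None:
        return p or q
    if p[0] == q[0] and (p[1] + q[1]) % _P == 0:
        return None
    lam = (3 * p[0] * p[0] * pow(2 * p[1], -1, _P) if p == q
           else (q[1] - p[1]) * pow(q[0] - p[0], -1, _P)) % _P
    x = (lam * lam - p[0] - q[0]) % _P
    return x, (lam * (p[0] - x) - p[1]) % _P
def _mul(k, p):                                   # double-and-add scalar multiplication
    acc = None
    while k:
        acc, p, k = (_add(acc, p) if k & 1 else acc), _add(p, p), k >> 1
    return acc
def ecrecover(digest: bytes, v: int, r: int, s: int):
    """20-byte signer, or None where the EVM precompile would return the zero address."""
    if v not in (27, 28) or not 0 < r < _N or not 0 < s < _N:
        return None
    y2 = (pow(r, 3, _P) + 7) % _P
    y = pow(y2, (_P + 1) // 4, _P)                # _P = 3 mod 4: a square root, if one exists
    if y * y % _P != y2:
        return None                               # r is not the x-coordinate of any curve point
    if (y & 1) != v - 27:                         # v carries the parity of R.y
        y = _P - y
    e = int.from_bytes(digest, "big") % _N
    q = _mul(pow(r, -1, _N), _add(_mul(s, (r, y)), _mul(_N - e, _G)))   # Q = r^-1 (sR - eG)
    return None if q is None else keccak256(q[0].to_bytes(32, "big") + q[1].to_bytes(32, "big"))[12:]

# EIP-712 encoding for the specification's own Mail/Person example
def _enc_str(s): return keccak256(s.encode())
def _enc_addr(a): return bytes.fromhex(a[2:]).rjust(32, b"\x00")
DOMAIN_TYPEHASH = keccak256(b"EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)")
PERSON_TYPEHASH = keccak256(b"Person(string name,address wallet)")
MAIL_TYPEHASH = keccak256(b"Mail(Person from,Person to,string contents)Person(string name,address wallet)")
def domain_separator(name, version, chain_id, verifying_contract):
    return keccak256(DOMAIN_TYPEHASH + _enc_str(name) + _enc_str(version)
                     + chain_id.to_bytes(32, "big") + _enc_addr(verifying_contract))
def mail_struct_hash(frm, to, contents):          # a nested struct is encoded as its own struct hash
    person = lambda p: keccak256(PERSON_TYPEHASH + _enc_str(p[0]) + _enc_addr(p[1]))
    return keccak256(MAIL_TYPEHASH + person(frm) + person(to) + _enc_str(contents))
def typed_data_digest(dom_sep, struct_hash):
    return keccak256(b"\x19\x01" + dom_sep + struct_hash)   # EIP-191 prefix, version byte 0x01
def verify_mail(chain_id, contract, frm, to, contents, v, r, s, expected_signer):
    """Contract-side check: the digest is rebuilt from the domain the contract owns, never from caller input."""
    if s > _N // 2:                               # refuse the high-s twin of a valid signature (malleability)
        return False
    digest = typed_data_digest(domain_separator("Ether Mail", "1", chain_id, contract),
                               mail_struct_hash(frm, to, contents))
    signer = ecrecover(digest, v, r, s)
    return signer is not None and signer == bytes.fromhex(expected_signer[2:])

# Sample input: the test vector from the EIP-712 specification (signing key = keccak256("cow")).
COW = ("Cow", "0xCD2a3d9F938E13CD947Ec05AbC7FE734Df8DD826")
BOB = ("Bob", "0xbBbBBBBbbBBBbbbBbbBbbbbBBbBbbbbBbBbbBBbB")
CONTRACT = "0xCcCCccccCCCCcCCCCCCcCcCccCcCCCcCcccccccC"
SIG = (28, 0x4355c47d63924e8a72e509b65029052eb6c299d53a04e167c5775fd466751c9d,
       0x07299936d304c153f6443dfa05f40ff007d72911b6f72307f996231605b91562)
print(verify_mail(1, CONTRACT, COW, BOB, "Hello, Bob!", *SIG, COW[1]))   # True
print(verify_mail(5, CONTRACT, COW, BOB, "Hello, Bob!", *SIG, COW[1]))   # False: digest is bound to chain 1
```

The two calls at the end show what the domain separator buys: the same signature that verifies under chain ID 1 fails under chain ID 5, because the digest the contract rebuilds no longer matches, so a signature captured on one network or for one contract cannot be replayed against another. verify_mail also makes the two checks the raw precompile leaves to the caller: a None (zero-address) result is treated as failure, and s is restricted to the low half of the curve order so the mirrored n - s signature is not accepted as a second valid signature for the same message. OpenZeppelin's ECDSA library enforces both of these for you.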
Those in the cryptocurrency industry who anticipate assets to be completely under the control of the owners may be surprised by features like freezing and balance-wiping.
However, these capabilities have been made possible by tokens based on smart contracts for some time, and centralised stablecoins typically contain features similar to them.
“Newsflash: USDT & USDC both have similar attack vectors as well. I thought this one might be different, but it really isn’t,” Pashov said.
Hardware wallets keep your private keys on a dedicated offline device, so malware on your computer cannot read them. They do not stop you from approving a harmful transaction, so it still pays to read what the device asks you to sign. To find out more about the leading hardware wallets, you may view our reviews here: Ledger & Trezor
Disclaimer: The views and opinions expressed by the author, or any people mentioned in this article, are for informational purposes only, and they do not constitute financial, investment, legal, tax or other advice. Investing in or trading cryptocurrency or stocks comes with a risk of financial loss.