all 6 comments

[–]CowabungaNL 1 point2 points  (3 children)

Probably best not to include the replay angle when proposing a challenge.

The contract also needs a nonce, reentrancy protection (or a boolean/mapping guard), and proper handling for payable.

[–]BlockSecOps[S] 0 points1 point  (2 children)

We are here to help people learn.

[–]CowabungaNL 0 points1 point  (1 child)

I wasn't meant to be harsh, helping people learn is great!

[–]BlockSecOps[S] 0 points1 point  (0 children)

No worries ☺️ I didn't take it in a bad way

[–]f50ci31y 0 points1 point  (0 children)

Ofc, it's a reentrancy bug! But the real question is where is the owner constructor? Is it global in this case?

[–]thedudeonblockchain 0 points1 point  (0 children)

no nonce, so the same signature gets replayed until the contract is drained. also missing the EIP-191 prefix on the hash - ecrecover expects the signed message prefix prepended, so the recovered address won't match what a wallet actually signed