Potential cross-chain and cross-contract replay attack on future deployments
The mint() signature payload omits address(this) and chainid, so signatures are theoretically replayable across other deployments or chains if the verifier and logic are mirrored.
Description
The current signature used in the mint() function is built as follows:
    bytes32 structHash = keccak256(abi.encode(MINT_INFO_TYPEHASH, to_, value_, stakingPool_));
    bytes32 hash = _hashTypedDataV4(structHash);
    require(SignatureChecker.isValidSignatureNow($._verifier, hash, signature_), "Invalid signature");
This structure includes neither the contract address (address(this)) nor the chainId in the signed data. As a result, a signature that is valid in one deployment or network could potentially be replayed in another, assuming the verifier and logic are replicated.
While the current risk is informational (the team has confirmed there are no plans for cross-chain or multi-instance deployments), it represents a potential vector for future replay attacks.
Recommendation
Include the contract address (address(this)) and block.chainid in the signed data.
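One way to apply the recommendation, added here as an example and not taken from the audited contract: the two binding values are appended to the signed struct, so a signature only verifies on the chain and contract it was issued for. The contract name, the OpenZeppelin EIP712 base, the Minted event, the MintInfo type string, the plain _verifier variable and the parameter types are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {EIP712} from "@openzeppelin/contracts/utils/cryptography/EIP712.sol";
import {SignatureChecker} from "@openzeppelin/contracts/utils/cryptography/SignatureChecker.sol";

// Added example. BoundMintExample, Minted and the field types are hypothetical.
contract BoundMintExample is EIP712 {
    // Type string extended with the two binding fields (assumed layout).
    bytes32 private constant MINT_INFO_TYPEHASH = keccak256(
        "MintInfo(address to,uint256 value,address stakingPool,uint256 chainId,address verifyingContract)"
    );

    address private immutable _verifier;

    event Minted(address indexed to, uint256 value, address indexed stakingPool);

    // With OpenZeppelin's EIP712 base (an assumption here) the domain separator is
    // also derived from block.chainid and address(this); the struct fields below
    // make the binding explicit in the signed payload itself.
    constructor(address verifier_) EIP712("BoundMintExample", "1") {
        _verifier = verifier_;
    }

    // Digest the verifier must sign. It changes with the chain and with the
    // deployment address, so it cannot match on a mirrored deployment.
    function mintDigest(address to_, uint256 value_, address stakingPool_) public view returns (bytes32) {
        bytes32 structHash = keccak256(
            abi.encode(MINT_INFO_TYPEHASH, to_, value_, stakingPool_, block.chainid, address(this))
        );
        return _hashTypedDataV4(structHash);
    }

    function mint(address to_, uint256 value_, address stakingPool_, bytes calldata signature_) external {
        bytes32 hash = mintDigest(to_, value_, stakingPool_);
        require(SignatureChecker.isValidSignatureNow(_verifier, hash, signature_), "Invalid signature");
        // The audited minting logic is not shown in the finding; an event stands in for it.
        emit Minted(to_, value_, stakingPool_);
    }
}
```

The off-chain signer has to build the same extended MintInfo struct, filling chainId and verifyingContract with the values of the deployment the signature is intended for.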

