OpenZeppelin Contracts's SignatureChecker may revert on invalid EIP-1271 signers
Description
OpenZeppelin Contracts is a library for smart contract development. Versions 4.1.0 up to, but not including, 4.7.1 are vulnerable to SignatureChecker reverting. SignatureChecker.isValidSignatureNow is not expected to revert. However, an incorrect assumption about Solidity 0.8's abi.decode allows some cases to revert, given a target contract that doesn't implement EIP-1271 as expected. The contracts that may be affected are those that use SignatureChecker to check the validity of a signature and handle invalid signatures in a way other than reverting. The issue was patched in version 4.7.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
OpenZeppelin Contracts 4.1.0 to 4.7.0 SignatureChecker may unexpectedly revert on invalid EIP-1271 signatures due to an incorrect assumption about Solidity 0.8's abi.decode.
Vulnerability
CVE-2022-31172 affects OpenZeppelin Contracts versions 4.1.0 through 4.7.0. The SignatureChecker.isValidSignatureNow function, designed to return a boolean, can unexpectedly revert when interacting with a target contract that does not properly implement EIP-1271. This is caused by an incorrect assumption about Solidity 0.8's abi.decode behavior: under certain conditions, abi.decode itself reverts rather than yielding a value that the function could compare and reject, breaking the function's non-reverting guarantee [1][3].
Exploitation
The vulnerability is exploitable without authentication on the Ethereum network. An attacker only needs to provide a crafted signature and a target contract that deviates from the EIP-1271 interface expectation. The contract using SignatureChecker must handle invalid signatures in a way other than reverting—for example, by logging the failure and continuing execution—in order for the unexpected revert to cause a denial-of-service condition [3].
Impact
When the affected function reverts, it can prevent the calling contract from processing valid operations that depend on signature verification. This can lead to denial of service for users whose transactions rely on that verification step, potentially blocking critical functions like token transfers or governance actions [1][3].
Mitigation
The issue was patched in version 4.7.1 by adjusting how the return value from abi.decode is handled, ensuring that isValidSignatureNow no longer reverts on malformed EIP-1271 responses. Users should upgrade to 4.7.1 or later. No workaround is available for affected versions [2][3].
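The Solidity below is an added illustration of the two shapes the check can take; it is not OpenZeppelin's SignatureChecker and not the content of PR #3552. It assumes (the page does not state this) that the reverting case is a 32-byte return word that is not a clean left-aligned `bytes4`, which the Solidity 0.8 ABI decoder rejects when asked to decode it as `bytes4`. The names `Eip1271Check`, `DirtyReturner`, `RejectingSigner` and `Harness` are constructed for this example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added illustration, not OpenZeppelin's SignatureChecker. Assumption (not
// stated on the page): the reverting case is a 32-byte return word that is
// not a clean left-aligned bytes4, which the Solidity 0.8 ABI decoder rejects
// when asked to decode it as bytes4.

interface IERC1271 {
    function isValidSignature(bytes32 hash, bytes memory signature)
        external
        view
        returns (bytes4 magicValue);
}

library Eip1271Check {
    // EIP-1271 magic value: the selector of isValidSignature (0x1626ba7e).
    bytes4 internal constant MAGIC = IERC1271.isValidSignature.selector;

    function callSigner(address signer, bytes32 hash, bytes memory signature)
        private
        view
        returns (bool success, bytes memory result)
    {
        (success, result) = signer.staticcall(
            abi.encodeWithSelector(IERC1271.isValidSignature.selector, hash, signature)
        );
    }

    // Reverting shape: the return word is decoded as bytes4. If the signer
    // returned a word whose low 28 bytes are not zero, abi.decode reverts
    // instead of letting the comparison produce false.
    function revertingIsValid(address signer, bytes32 hash, bytes memory signature)
        internal
        view
        returns (bool)
    {
        (bool success, bytes memory result) = callSigner(signer, hash, signature);
        return success && result.length == 32 && abi.decode(result, (bytes4)) == MAGIC;
    }

    // Non-reverting shape: decode the word as bytes32 (every 32-byte value is
    // a valid bytes32) and compare against the magic value widened to bytes32,
    // so a malformed response is reported as false rather than reverting.
    function nonRevertingIsValid(address signer, bytes32 hash, bytes memory signature)
        internal
        view
        returns (bool)
    {
        (bool success, bytes memory result) = callSigner(signer, hash, signature);
        return success && result.length == 32 && abi.decode(result, (bytes32)) == bytes32(MAGIC);
    }
}

// Constructed test double: answers any call with a 32-byte word whose top
// four bytes are the magic value but whose lowest byte is dirty.
contract DirtyReturner {
    fallback() external {
        assembly {
            mstore(0, or(shl(224, 0x1626ba7e), 1))
            return(0, 32)
        }
    }
}

// Constructed test double: a well-behaved EIP-1271 signer that rejects everything.
contract RejectingSigner is IERC1271 {
    function isValidSignature(bytes32, bytes memory) external pure returns (bytes4) {
        return 0xffffffff;
    }
}

// Constructed harness for exercising both shapes from a Foundry or Remix test.
contract Harness {
    function checkReverting(address signer, bytes32 hash, bytes memory sig) external view returns (bool) {
        return Eip1271Check.revertingIsValid(signer, hash, sig);
    }

    function checkNonReverting(address signer, bytes32 hash, bytes memory sig) external view returns (bool) {
        return Eip1271Check.nonRevertingIsValid(signer, hash, sig);
    }
}
```

In a Foundry test, calling `Harness.checkReverting` with a `DirtyReturner` address is expected to revert, while `Harness.checkNonReverting` returns false for the same input; both return false for `RejectingSigner`. That difference is the property a caller that handles invalid signatures without reverting depends on, and it is why the non-reverting shape is the one to keep.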
AI Insight generated on May 21, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Ecosystem | Affected versions | Patched versions |
|---|---|---|---|
| @openzeppelin/contracts | npm | >= 4.1.0, < 4.7.1 | 4.7.1 |
| @openzeppelin/contracts-upgradeable | npm | >= 4.1.0, < 4.7.1 | 4.7.1 |
Affected products
- ghsa-coords (no CPE): >= 4.1.0, < 4.7.1
- ghsa-coords (no CPE): >= 4.1.0, < 4.7.1
- OpenZeppelin/openzeppelin-contracts (v5 range): >= 4.1.0, < 4.7.1
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
[1] github.com/advisories/GHSA-4g63-c64m-25w9 (advisory)
[2] nvd.nist.gov/vuln/detail/CVE-2022-31172 (advisory)
[3] github.com/OpenZeppelin/openzeppelin-contracts/pull/3552 (web)
[4] github.com/OpenZeppelin/openzeppelin-contracts/security/advisories/GHSA-4g63-c64m-25w9 (web, confirm)
News mentions
No linked articles in our index yet.