[SEC-F27] principalToSubaccount uses no domain separator
krpeacock opened this issue · 0 comments
Observation
IIUC the invoice subaccounts use ‘invoice-id’ as domain separator for hashing, whereas the principal subaccounts don’t use a domain separator.
Risk description
There could be a risk of hash collisions if the domains are not properly separated (not investigated in further detail).
Recommendations
For domain separation to be effective, we recommend also adding a domain separator to principalToSubaccount.
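As an added illustration of the recommendation (example code, not the invoice canister's own): it assumes SHA-256 over separator || payload, an 8-byte big-endian invoice id and a hypothetical 'principal-id' separator; the "principal" bytes it feeds in are constructed to be payload-shaped and are not a real ICP principal.

```python
import hashlib

# Constructed example, not the invoice canister's code.
# Assumption: a subaccount is the SHA-256 digest of (separator || payload).
INVOICE_DOMAIN = b"invoice-id"      # separator the issue says invoices use
PRINCIPAL_DOMAIN = b"principal-id"  # hypothetical separator for principals


def invoice_subaccount(invoice_id: int) -> bytes:
    """Invoice derivation as described in the issue: separator, then id bytes."""
    return hashlib.sha256(INVOICE_DOMAIN + invoice_id.to_bytes(8, "big")).digest()


def unseparated_principal_subaccount(principal: bytes) -> bytes:
    """The pattern the issue flags: raw principal bytes, no separator."""
    return hashlib.sha256(principal).digest()


def separated_principal_subaccount(principal: bytes) -> bytes:
    """The recommended form: a principal-specific separator keeps this
    derivation in its own domain, so no principal byte string can land
    on an invoice subaccount."""
    return hashlib.sha256(PRINCIPAL_DOMAIN + principal).digest()


def check_domain_separation(invoice_id: int) -> dict:
    """Feed a payload-shaped byte string (constructed: separator || id) through
    both principal derivations and report whether either lands on the
    invoice subaccount for that id. With the separator the answer is no."""
    crafted = INVOICE_DOMAIN + invoice_id.to_bytes(8, "big")
    target = invoice_subaccount(invoice_id)
    return {
        "unseparated_collides": unseparated_principal_subaccount(crafted) == target,
        "separated_collides": separated_principal_subaccount(crafted) == target,
    }


if __name__ == "__main__":
    print(check_domain_separation(7))
    # {'unseparated_collides': True, 'separated_collides': False}
```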