Fix invalid length check in SignatureChecker

[Amxx]

Fix invalid value introduced in the 5.5 refactor.

0x20 minus one is 0x1f and not 0x19. Typical decimal/hexadecimal confusion.

PR Checklist

• Tests
• Documentation
• Changeset entry (run npx changeset add)

[changeset-bot]

⚠️ No Changeset found

Latest commit: d78ff40

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[ernestognw]

Good catch, thanks!

[coderabbitai]

Walkthrough

The pull request modifies contracts/utils/cryptography/SignatureChecker.sol. In the function isValidERC1271SignatureNow, the minimum returndata size check for ERC-1271 validation was increased from 0x19 (25 bytes) to 0x1f (31 bytes). The function still requires the call to succeed and the returned data to start with the expected selector. No arguments, external interfaces, or exported/public declarations were changed.

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Title Check	✅ Passed	The pull request title succinctly and accurately describes the core change by specifying that an invalid length check in the SignatureChecker contract is being fixed, which directly matches the adjustment from 0x19 to 0x1f in the code.
Description Check	✅ Passed	The pull request description clearly explains the decimal versus hexadecimal confusion that led to the incorrect value, identifies the specific error introduced in the 5.5 refactor, and directly relates this explanation to the code change in SignatureChecker.
Docstring Coverage	✅ Passed	No functions found in the changes. Docstring coverage check skipped.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 765b288 and c50704e.

📒 Files selected for processing (1)

• contracts/utils/cryptography/SignatureChecker.sol (1 hunks)

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (9)

• GitHub Check: Redirect rules - solidity-contracts
• GitHub Check: Header rules - solidity-contracts
• GitHub Check: Pages changed - solidity-contracts
• GitHub Check: tests-upgradeable
• GitHub Check: coverage
• GitHub Check: tests-foundry
• GitHub Check: slither
• GitHub Check: halmos
• GitHub Check: tests

🔇 Additional comments (1)

contracts/utils/cryptography/SignatureChecker.sol (1)

86-86: Critical fix: enforce ≥32-byte ERC-1271 returndata

• Change to gt(returndatasize(), 0x1f) correctly requires 32 bytes for the ABI-encoded bytes4, preventing garbage from 26–31 byte returns matching the selector.
• Confirm test coverage for both 26–31 byte and ≥32 byte returndata edge cases.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[ernestognw]

Sorry for the mess, I got messed up with #5974