Omniscia BlazeSwap Audit
DelegateCallHelper Manual Review Findings
DelegateCallHelper Manual Review Findings
DCH-01M: Incorrect Management of Error Message Decoding
Type | Severity | Location |
---|---|---|
Logical Fault | DelegateCallHelper.sol:L8-L15 |
Description:
As evidenced in the original Stack Overflow thread, the error decoding mechanism referenced is only applicable when no custom errors are defined and will fatally fail with an undefined error when attempting to decode custom errors.
Impact:
Debugging error codes from applications compiled post-0.8.0
and with custom errors will potentially fail when attempting to decode the resulting payload.
Example:
contracts/shared/libraries/DelegateCallHelper.sol
4library DelegateCallHelper {5 function delegateAndCheckResult(address recipient, bytes memory data) internal returns (bytes memory) {6 (bool success, bytes memory result) = recipient.delegatecall(data);7
8 if (!success) {9 // https://ethereum.stackexchange.com/a/8357710 if (result.length < 68) revert('DelegateCallHelper: revert with no reason');11 assembly {12 result := add(result, 0x04)13 }14 revert(abi.decode(result, (string)));15 }16
17 return result;18 }19}
Recommendation:
We advise an alternative answer to the original thread to be applied instead that properly handles all error types available in the pragma
version of the BlazeSwap code.
Alleviation:
The BlazeSwap team evaluated this exhibit and opted to simply bubble-up the error rather than parse it. We consider this solution an adequate alleviation to the exhibit.