Omniscia Boson Protocol Audit
TokenTransferAuthorizationLib Manual Review Findings
TokenTransferAuthorizationLib Manual Review Findings
TTA-01M: Potentially Restrictive Panic
| Type | Severity | Location |
|---|---|---|
| Standard Conformity | ![]() | TokenTransferAuthorizationLib.sol:L186-L194 |
Description:
The TokenTransferAuthorizationLib::consumeForTransfer function will attempt to decode token transfer authorization strategies and revert via a panic if an unknown TokenTransferAuthorizationStrategy enum is provided.
As the Boson Protocol codebase is deployed across multiple chains, certain chains might have different authorization strategies with some possessing more than others. In such cases, the construction of transactions would be burdensome as, depending on the network, different payloads would have to be created to avoid this revert.
Example:
186// Decoding as the enum makes Solidity range-check the tag for us: any187// value outside `TokenTransferAuthorizationStrategy`'s declared range188// trips `Panic(0x21)` inside `abi.decode`. The dispatch below therefore189// only needs to handle the four known strategies and can fall through190// to `return false` for `None`.191(BosonTypes.TokenTransferAuthorizationStrategy strategy, bytes memory data) = abi.decode(192 entry,193 (BosonTypes.TokenTransferAuthorizationStrategy, bytes)194);Recommendation:
We advise the code to instead return false if the decoding operation is not possible, optimizing the protocol's cross-chain usage.
Alleviation (8fccc2716047809e4bc7786c95d346e5c61b2896):
The Boson Protocol team evaluated this exhibit and clarified that the strategies they employ cross-chain are consistent and that reverting is the correct course of action for the current deployment expected, with intentions to add graceful handling if the cross-chain deployments deviate in their strategies.
As such, we consider this exhibit safely acknowledged.
TTA-02M: Inexistent Support of DAI Permit
| Type | Severity | Location |
|---|---|---|
| Standard Conformity | ![]() | TokenTransferAuthorizationLib.sol:L241-L243 |
Description:
The codebase is meant to be compatible with DAI as indicated by the presence of the DAIAliases file and the SudoswapWrapper yet does not support its permit flow.
Impact:
The DAI token permit is currently unsupported by the Boson Protocol system even though DAI itself is actively used in the protocol.
Example:
239function _consumeEIP2612(address _token, address _from, address _to, uint256 _amount, bytes memory _data) private {240 (uint256 deadline, uint8 v, bytes32 r, bytes32 s) = abi.decode(_data, (uint256, uint8, bytes32, bytes32));241 if (IERC20(_token).allowance(_from, _to) != _amount) {242 IERC2612(_token).permit(_from, _to, _amount, deadline, v, r, s);243 }244 IERC20(_token).safeTransferFrom(_from, _to, _amount);245}Recommendation:
We advise the DAI-specific permit signature and flow to be supported similarly to the existing EIP-2612 permit flow.
Alleviation (8fccc2716047809e4bc7786c95d346e5c61b2896):
Proper support for DAI-like permits has been introduced by merging EIP-2612 and DAI-like permit functionality into a single TokenTransferAuthorizationLib::_consumePermit handler, alleviating this exhibit.

