Omniscia Evergon Labs Audit
OmnichainCallbackHandlerFacet Manual Review Findings
OmnichainCallbackHandlerFacet Manual Review Findings
OCH-01M: Potentially Improper Callback Handling
| Type | Severity | Location |
|---|---|---|
| Logical Fault |  | OmnichainCallbackHandlerFacet.sol:L36-L40 |
Description:
The OmnichainCallbackHandlerFacet::omnichainCallback function will not fail even if a particular callback has been consumed as the default state of the CallbackOperation enum is the IS_DATAPOINT_ADMIN_RESPONSE.
Impact:
The consumption of callback handler data is not performed properly due to the enum depicting a single state, permitting a particular rid to be reused.
Example:
contracts/dataIndex/omnichain/OmnichainCallbackHandlerFacet.sol
35(OmnichainSupportStorage.CallbackOperation op, bytes memory opData) = ossLayout.useCallbackHandlerData(rid);36if (op == OmnichainSupportStorage.CallbackOperation.IS_DATAPOINT_ADMIN_RESPONSE) {37 _approveOmnichainDataManagerCallback(opData, data);38} else {Recommendation:
We advise a new state to be introduced to the enum in its first slot, properly preventing a consumed callback from being repeated.
Alleviation (c6b23c23d8bcd8cce85049ad959cbd711a37126b):
A new state to the CallbackOperation enum was introduced at the OmnichainSupportStorage contract level, alleviating this exhibit.