Omniscia Evergon Labs Audit
ReturnFungAndSemiFungFractionsOmnichainFacet Manual Review Findings
ReturnFungAndSemiFungFractionsOmnichainFacet Manual Review Findings
RFS-01M: Inexistent Handling of Refund
| Type | Severity | Location |
|---|---|---|
| Logical Fault |  | ReturnFungAndSemiFungFractionsOmnichainFacet.sol:L28-L34 |
Description:
The ReturnFungAndSemiFungFractionsOmnichainFacet::handlePostPurchasePhase function will perform a cross-chain transaction using the Evergon Labs ODC implementation, however, any refund that will potentially be acquired if a surplus of msg.value is sent to the call is not handled as the refund address will be set to the ReturnFungAndSemiFungFractionsOmnichainFacet address itself (i.e. the Diamond).
Impact:
Any failed LayerZero transaction refund will be lost in the FractionalisationDiamond as it is not adequately handled.
Example:
19function handlePostPurchasePhase(20 uint256 campaignId,21 uint256 amountOfFractions,22 uint32 chainId,23 address msg_sender,24 bytes calldata25) external payable onlyInternalDelegateCall {26 OmnichainAddress omnichainAccount = OmnichainAddresses.encode(chainId, msg_sender);27
28 ISemiFungibleAndFungibleFractionTransferFacet(address(this)).transferFractions{value: msg.value}(29 campaignId,30 address(this),31 omnichainAccount,32 0, // In the first fractions mint, always id 0 is used (if semi-fungible)33 amountOfFractions34 );35
36 emit PostPurchasePhaseHandled(campaignId, amountOfFractions, msg_sender);37}Recommendation:
We advise refunds to be adequately handled, potentially by keeping track of the LayerZero request ID and evaluating whether it has resulted in a refund through the OmnichainProxy. To note, any alleviation of this exhibit would require a significant refactor of the ODC codebase to better integrate with external implementations such as the tokenizer system.
Alleviation (71cda4ccfdcfa25fb96a4565f1f8143b350dd246):
The ODC implementation of the Evergon Labs team was refactored to support an explicitly defined refund address that is in turn propagated from the Erc1155FractionFacet::transferFractions function, ensuring that a failed transaction will properly refund the failed cross-chain transfer to the appropriate address.