Omniscia Mitosis Audit

Message Manual Review Findings

Message Manual Review Findings

MEG-01M: Incorrect Message Type Encodings

TypeSeverityLocation
Logical FaultMessage.sol:L86, L108

Description:

The Message::encodeRefund and Message::encodeBridge functions will incorrectly encode the cross-chain messages as they will utilize the Deposit enum value for the MsgType.

Impact:

Given that all messages can be decoded with the same ABI approach due to having two bytes32 slots and a uint256 slot, the incorrectly encoded messages would be processed as deposits.

Example:

src/helpers/ccdm/Message.sol
85function encodeRefund(MsgRefund memory msg_) internal pure returns (bytes memory) {
86 return abi.encodePacked(MsgType.Deposit, msg_.receiver, msg_.token, msg_.amount);
87}

Recommendation:

We advise the correct type to be utilized per case, ensuring that the messages are correctly consumed once bridged.

Alleviation (d94d2a63d25db5623d69dc33aea6e4fdd011d669):

The MsgType values that are encoded in each of the referenced functions have been corrected as advised.