Omniscia Mitosis Audit
Message Manual Review Findings
Message Manual Review Findings
MEG-01M: Incorrect Message Type Encodings
Type | Severity | Location |
---|---|---|
Logical Fault | Message.sol:L86, L108 |
Description:
The Message::encodeRefund
and Message::encodeBridge
functions will incorrectly encode the cross-chain messages as they will utilize the Deposit
enum value for the MsgType
.
Impact:
Given that all messages can be decoded with the same ABI approach due to having two bytes32
slots and a uint256
slot, the incorrectly encoded messages would be processed as deposits.
Example:
src/helpers/ccdm/Message.sol
85function encodeRefund(MsgRefund memory msg_) internal pure returns (bytes memory) {86 return abi.encodePacked(MsgType.Deposit, msg_.receiver, msg_.token, msg_.amount);87}
Recommendation:
We advise the correct type to be utilized per case, ensuring that the messages are correctly consumed once bridged.
Alleviation (d94d2a63d25db5623d69dc33aea6e4fdd011d669):
The MsgType
values that are encoded in each of the referenced functions have been corrected as advised.