This repository has been archived by the owner on May 26, 2023. It is now read-only.

018.md

File metadata and controls

35 lines (20 loc) · 1.55 KB

seeu

low

Avoid using abi.encodePacked() with dynamic types when passing the result to a hash function

Summary

Avoid using abi.encodePacked() with dynamic types when passing the result to a hash function

Vulnerability Detail

Avoid using abi.encodePacked() with dynamic types when passing the result to a hash function. abi.encode() will pad items to 32 bytes, which will prevent hash collisions. bytes.concat() should be used if all parameters are strings or bytes.

Impact

Potential hash collisions when the packed encoding is passed to a hash function.

Code Snippet

op-geth/contracts/checkpointoracle/contract/oracle.sol#L99

bytes32 signedHash = keccak256(abi.encodePacked(byte(0x19), byte(0), this, _sectionIndex, _hash));

Tool used

  • Private self-made tool for static analysis
  • Manual Review, Remix IDE

Recommendation

Instead of using abi.encodePacked(), use abi.encode(). It pads items to 32 bytes, which prevents hash collisions.

It is possible to cast to bytes() or bytes32() in place of abi.encodePacked() when there is just one parameter, see "how to compare strings in solidity?". bytes.concat() should be used if all parameters are strings or bytes.
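
The collision described above, as an added example that is not part of the original report or of oracle.sol: a hypothetical contract hashes two constructed string pairs, ("a", "bc") and ("ab", "c"), with both encodings so the results can be compared in Remix. The contract name, function names and inputs are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added example: hypothetical contract, not taken from oracle.sol.
contract EncodePackedCollision {
    // Packed encoding concatenates dynamic values with no length prefix
    // and no padding, so the boundary between `a` and `b` is lost.
    function packedHash(string memory a, string memory b)
        public pure returns (bytes32)
    {
        return keccak256(abi.encodePacked(a, b));
    }

    // Standard ABI encoding writes an offset and a length for every dynamic
    // value and pads its data to 32 bytes, so the boundary is preserved.
    function encodedHash(string memory a, string memory b)
        public pure returns (bytes32)
    {
        return keccak256(abi.encode(a, b));
    }

    // Raw encodings, returned so the byte layout can be inspected directly.
    function rawEncodings(string memory a, string memory b)
        external pure returns (bytes memory packed, bytes memory encoded)
    {
        packed = abi.encodePacked(a, b);
        encoded = abi.encode(a, b);
    }

    // Constructed inputs: the two pairs differ only in where the split
    // between the first and second string falls.
    function demo()
        external pure returns (bool packedCollides, bool encodedCollides)
    {
        packedCollides = packedHash("a", "bc") == packedHash("ab", "c");
        encodedCollides = encodedHash("a", "bc") == encodedHash("ab", "c");
    }
}
```

Calling `demo()` compares the two hashes for each encoding, and `rawEncodings()` shows why: the packed form of both pairs is the same three bytes, while the abi.encode() form carries a separate length word for each string.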