Ambiguity in _generateAddress Function Due to Dynamic Variable Encoding

[hats-bug-reporter[bot]]

Github username: -- Twitter username: -- Submission hash (on-chain): 0x07442a450902aabd3fed94109bb608a854845c8baad5c13837087c6a82727d16 Severity: low

Description: Description\ The _generateAddress function in the BitcoinAbstractWallet contract uses abi.encodePacked with dynamic variables. This can lead to potential issues due to the way Solidity handles dynamic types in abi.encodePacked. Specifically, concatenating dynamic types can result in ambiguous encoding, which might cause unexpected behavior or vulnerabilities.

Attack Scenario\ Describe how the vulnerability can be exploited.

Attachments

1. Proof of Concept (PoC) File

   function _generateAddress(bytes20 _dstHash, bytes1 _type) internal pure returns (bytes memory) {
   bytes memory addressData = bytes.concat(_dstHash);
   bytes32 checksum = bytes32(
       Endian.reverse256(
           uint256(BitcoinUtils.doubleSha256(abi.encodePacked(_type, addressData)))
       )
   );
   
   return abi.encodePacked(_type, addressData, bytes4(checksum));
   }

   The use of abi.encodePacked with dynamic variables (_type and addressData) can lead to ambiguous encoding. This is because abi.encodePacked does not include length information for dynamic types, which can result in collisions or unexpected behavior.

2. Revised Code File (Optional)

   -Consider using abi.encode instead of abi.encodePacked to avoid ambiguity.

[party-for-illuminati]

Invalid, because we need to concatenate those. Please refer to Bitcoin address generation specification