Open hats-bug-reporter[bot] opened 4 months ago
Github username: @@giorgiodalla Twitter username: 0xAuditism Submission hash (on-chain): 0xc54c22bf4689dc629e0450b92b91ba519b7de8418ecec7b21fd355829d8c3dcd Severity: low
Description: Description\ Using abi.encodePacked() with multiple variable length arguments can, in certain situations, lead to a hash collision.
Attack Scenario\ Describe how the vulnerability can be exploited.
Attachments
In the computeNocne we can see such occurence.
nonce = keccak256(abi.encodePacked(keyIndex, nonceConst));
- nonce = keccak256(abi.encodePacked(keyIndex, nonceConst)); + nonce = keccak256(abi.encode(keyIndex, nonceConst));
Github username: @@giorgiodalla Twitter username: 0xAuditism Submission hash (on-chain): 0xc54c22bf4689dc629e0450b92b91ba519b7de8418ecec7b21fd355829d8c3dcd Severity: low
Description: Description\ Using abi.encodePacked() with multiple variable length arguments can, in certain situations, lead to a hash collision.
Attack Scenario\ Describe how the vulnerability can be exploited.
Attachments
In the computeNocne we can see such occurence.