abi.encodePacked may break with some initManagement signatures
Low/Info issue submitted by cergyk
Summary
The current implementation of the initManagement function uses abi.encodePacked for encoding the SetupParams struct. This approach may break if the struct includes dynamic length variables such as bytes. Adding such variables would change the struct's encoding to dynamic, causing the function to fail.
However, if a dynamic length variable such as bytes is added to the struct, the struct itself becomes dynamic. This means that the first word of its encoding would be its offset, which would break the function's logic.
Impact
If dynamic length variables are added to the SetupParams struct, the use of abi.encodePacked will lead to incorrect encoding. This will result in failures when calling initManagement.
Mitigation is not trivial and this is not a concern currently. However, please be aware that it may break if a dynamic variable is added to the struct in the future so avoid adding dynamic parameters to the struct.
abi.encodePacked may break with some initManagement signatures
Low/Info issue submitted by cergyk
Summary
The current implementation of the
initManagementfunction usesabi.encodePackedfor encoding theSetupParamsstruct. This approach may break if the struct includes dynamic length variables such asbytes. Adding such variables would change the struct's encoding to dynamic, causing the function to fail.Vulnerability Detail
The
initManagementfunction inArrakisStandardManageruses theSetupParamsstruct as an argument: ArrakisStandardManager.sol#L447, SManager.sol#L17-L25.Currently,
abi.encodePackedworks because the struct only contains static size parameters: ArrakisMetaVaultFactory.sol#L459-L461.However, if a dynamic length variable such as
bytesis added to the struct, the struct itself becomes dynamic. This means that the first word of its encoding would be itsoffset, which would break the function's logic.Impact
If dynamic length variables are added to the
SetupParamsstruct, the use ofabi.encodePackedwill lead to incorrect encoding. This will result in failures when callinginitManagement.Code Snippet
Tool used
Manual Review
Recommendation
Mitigation is not trivial and this is not a concern currently. However, please be aware that it may break if a dynamic variable is added to the struct in the future so avoid adding dynamic parameters to the struct.