Assessment reportsPublic findings
Back to Zellic siteBack
Assessment reports>Echelon>High findings>Incorrect integer parsing
GeneralOverview
Findings
High (2)Incorrect integer parsingIncorrect assertion in deposit_manager
Medium (1)
Low (1)
Informational (1)
DiscussionMinor issues with DUST_THRESHOLDShare amount could be zero
DesignComponents: echelon_oracle and initia_deploy
Audit ResultsAssessment Results
Category: Coding Mistakes

Incorrect integer parsing

High Impact
High Severity
High Likelihood

Description

The parse_deposit_payload function incorrectly handles integer-value parsing. While Solidity stores integer values into memory in big-endian format (right to left), the from_bcs module parses integers in little-endian format (left to right).

// Per Payload (first 65 bytes):
let market_hash = from_bcs::to_address(vector::slice(&message, 0, 32));
let ccdm_nonce = from_bcs::to_u256(vector::slice(&message, 32, 64));
let expected_messages = from_bcs::to_u8(vector::slice(&message, 64, 65));

// Per Depositor (following 32 byte blocks):
let depositor_indices = vector::range_with_step(65, vector::length(&message), 32);
let depositor_map = simple_map::new();
vector::for_each(depositor_indices, |index| {
    assert!(index + 32 <= vector::length(&message), ERR_DEPOSIT_MANAGER_MALFORMED_PAYLOAD);
    let depositor_address = vector::slice(&message, index, index + 20);
    let depositor_amount = from_bcs::to_u128(vector::slice(&message, index + 20, index + 32));
    assert!(depositor_amount <= MAX_U64, ERR_DEPOSIT_MANAGER_DEPOSIT_AMOUNT_OVERFLOW);

    let depositor_amount_adjusted = ((depositor_amount / (math64::pow(10, asset_mantissa_diff) as u128)) as u64);
    let amount_vector = vector[depositor_amount_adjusted];
    simple_map::add(&mut depositor_map, depositor_address, amount_vector);
});

This is the difference of the results between the controller test code and the Solidity code. The address is the same, but the ccdm_nonce in Solidity would be 0x100...0 in the module.

// controller test code
0000000000000000000000000000000000000000000000000000000123456789 // market hash
0100000000000000000000000000000000000000000000000000000000000000 // ccdm nonce

// CCDMPayloadLib.sol
0000000000000000000000000000000000000000000000000000000123456789 // market hash
0000000000000000000000000000000000000000000000000000000000000001 // ccdm nonce

Impact

The incorrect integer parsing can result in misinterpreted deposit amounts and invalid nonce values.

Recommendations

Reverse the byte order of integer values before passing values to the from_bcs module to ensure proper integer parsing.

Remediation

This issue has been acknowledged by Echelon, and a fix was implemented in commit f6fc03c0.

Zellic © 2025Back to top ↑