Description

The extractPaymentToWithOpReturnId function extracts the user's Lorenzo address from the Bitcoin transaction metadata. This is the address to which stBTC is minted. It only handles the OP_PUSHDATA1 case when extracting the address.

if pkScriptLen > 1 &&
	pkScriptLen <= maxOpReturnPkScriptSize &&
	pkScript[0] == txscript.OP_RETURN {

	// if this is OP_PUSHDATA1, we need to drop first 3 bytes as those are related
	// to script iteslf i.e OP_RETURN + OP_PUSHDATA1 + len of bytes
	if pkScript[1] == txscript.OP_PUSHDATA1 {
		opReturnId = pkScript[3:]
	} else {
		// this should be one of OP_DATAXX opcodes we drop first 2 bytes
		opReturnId = pkScript[2:]
	}
	foundOpReturnId = true
}

However, it is possible for the client to use OP_PUSHDATA2 or OP_PUSHDATA4 opcodes when making the BTC transaction. These opcodes use two and four bytes for the data length, respectively. In this case, the extracted Lorenzo address will be incorrect.

Impact

The stBTC mint will be unsuccessful as the user address extracted is invalid. The user does not receive any stBTC despite transferring BTC to the Lorenzo wallet.

Recommendations

Handle the OP_PUSHDATA2 and OP_PUSHDATA4 opcodes by correctly accounting for the length bytes when extracting the user address.

Remediation

The platform only uses the OP_PUSHBYTES opcode to store the user address. The length is later verified in CreateBTCStaking to be exactly 20 bytes. The call would simply return an error if the extracted address is not 20 bytes long.