TempleGold

TempleDAO
Foundry
25,000 USDC
Submission Details
Severity: low
Valid

`quote()` view function in `TempleTeleporter` contract returns wrong value

Summary

The `quote()` view function in the `TempleTeleporter` contract returns the wrong value.

Vulnerability Details

In the `TempleTeleporter` contract, `quote()` returns the amount of native token and LZ token required to send a cross-chain message. It serves as an API for obtaining the native token amount required for a later call to `teleport()`.

https://github.com/Cyfrin/2024-07-templegold/blob/57a3e597e9199f9e9e0c26aab2123332eb19cc28/protocol/contracts/templegold/TempleTeleporter.sol#L87-L94

```solidity
function quote(
    uint32 _dstEid,
    address _to,
    uint256 _amount,
    bytes memory _options
) external view returns (MessagingFee memory fee) {
    return _quote(_dstEid, abi.encodePacked(_to, _amount), _options, false);
}
```

Notice that the message used to get the quote is `abi.encodePacked(_to, _amount)`, but in `teleport()` the message sent is `abi.encodePacked(to.addressToBytes32(), amount)`:
https://github.com/Cyfrin/2024-07-templegold/blob/57a3e597e9199f9e9e0c26aab2123332eb19cc28/protocol/contracts/templegold/TempleTeleporter.sol#L52

Impact

The message in `quote()` is shorter than the message in `teleport()`, which means the quote fetched will likely not be enough to cover the fee for `teleport()`, which makes the function revert.

L0's docs: https://docs.layerzero.network/v2/developers/evm/oapp/overview#estimating-gas-fees

Make sure that the arguments passed into the quote() function identically match the parameters used in the lzSend() function. If parameters mismatch, you may run into errors as your msg.value will not match the actual gas quote.
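The size difference between the two payloads, as an added example that is not code from the contest repository or from LayerZero. It models `abi.encodePacked` for the static types involved and assumes `addressToBytes32` left-pads the 20-byte address to 32 bytes; the recipient address and amount are constructed sample values.

```python
# Added illustration (not TempleTeleporter code): a minimal model of Solidity's
# abi.encodePacked for the three static types that appear in the two payloads.
WIDTH = {"address": 20, "bytes32": 32, "uint256": 32}

def encode_packed(*fields):
    """Concatenate (type, value) pairs the way abi.encodePacked packs static types."""
    out = b""
    for typ, value in fields:
        if typ == "uint256":
            value = value.to_bytes(32, "big")  # OverflowError if out of range
        if len(value) != WIDTH[typ]:
            raise ValueError(f"{typ} must be {WIDTH[typ]} bytes, got {len(value)}")
        out += value
    return out

def address_to_bytes32(addr):
    # Assumption: addressToBytes32 is bytes32(uint256(uint160(addr))), i.e. left-padded.
    return addr.rjust(32, b"\x00")

def quote_payload_before(to, amount):
    # quote() before the fix: abi.encodePacked(_to, _amount)
    return encode_packed(("address", to), ("uint256", amount))

def quote_payload_after(to, amount):
    # quote() after the fix: abi.encodePacked(_to.addressToBytes32(), _amount)
    return encode_packed(("bytes32", address_to_bytes32(to)), ("uint256", amount))

def teleport_payload(to, amount):
    # teleport(): abi.encodePacked(to.addressToBytes32(), amount)
    return encode_packed(("bytes32", address_to_bytes32(to)), ("uint256", amount))

def compare(quoted, sent):
    """Summarise how the quoted message differs from the message actually sent."""
    return {
        "identical": quoted == sent,
        "quoted_len": len(quoted),
        "sent_len": len(sent),
        "missing_bytes": len(sent) - len(quoted),
    }

if __name__ == "__main__":
    TO = bytes.fromhex("11" * 20)   # constructed sample recipient
    AMOUNT = 5 * 10**18             # constructed sample amount
    print("before fix:", compare(quote_payload_before(TO, AMOUNT), teleport_payload(TO, AMOUNT)))
    print("after fix: ", compare(quote_payload_after(TO, AMOUNT), teleport_payload(TO, AMOUNT)))
```

A byte-for-byte comparison like `compare()` is the property a regression test for this finding should pin: the payload given to the quote must equal the payload that is sent.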

Tools Used

Manual Review

Recommendations

function quote(
uint32 _dstEid,
address _to,
uint256 _amount,
bytes memory _options
) external view returns (MessagingFee memory fee) {
- return _quote(_dstEid, abi.encodePacked(_to, _amount), _options, false);
+ return _quote(_dstEid, abi.encodePacked(_to.addressToBytes32(), _amount), _options, false);
}
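
Review bot: the `+` line re-types the payload expression by hand, so `quote()` and `teleport()` still hold two separate copies of `abi.encodePacked(... .addressToBytes32(), ...)` that can drift apart again. Consider building the message in a single internal helper that both functions call, and add a test asserting that the fee returned by `quote()` for given `_dstEid`, `_to`, `_amount` and `_options` is accepted by `teleport()` with the same arguments.
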
Updates

Lead Judging Commences

inallhonesty Lead Judge 11 months ago
Submission Judgement Published
Validated
Assigned finding tags:

Incorrect payload bytes in `quote()`: they use `abi.encodePacked(_to, _amount)` instead of `abi.encodePacked(_to.addressToBytes32(), _amount)`
