Liquid Staking

Stakelink
DeFi, Hardhat, Oracle
50,000 USDC
Submission Details
Severity: low
Invalid

Unsafe Abi Encoding Methods are Error-Prone

Summary

abi.encodeWithSignature and abi.encodeWithSelector are used to generate calldata for low-level calls, but these methods are error-prone and, per OpenZeppelin's recommendation, should be considered unsafe.

Vulnerability Details

It is common to use abi.encodeWithSignature or abi.encodeWithSelector to generate calldata for a low-level call; however, the first option is not typo-safe (a misspelled signature string still compiles and simply produces a selector the target does not implement) and the second option is not type-safe (the supplied arguments are not checked against the target function's parameter types). As such, both methods are error-prone and should be considered unsafe.

The protocol uses these unsafe ABI encoding functions in the following contracts:

CommunityVCS:

https://github.com/Cyfrin/2024-09-stakelink/blob/f5824f9ad67058b24a2c08494e51ddd7efdbb90b/contracts/linkStaking/CommunityVCS.sol#L111

https://github.com/Cyfrin/2024-09-stakelink/blob/f5824f9ad67058b24a2c08494e51ddd7efdbb90b/contracts/linkStaking/CommunityVCS.sol#L190

OperatorVCS:

https://github.com/Cyfrin/2024-09-stakelink/blob/f5824f9ad67058b24a2c08494e51ddd7efdbb90b/contracts/linkStaking/OperatorVCS.sol#L366

VaultControllerStrategy:

https://github.com/Cyfrin/2024-09-stakelink/blob/f5824f9ad67058b24a2c08494e51ddd7efdbb90b/contracts/linkStaking/base/VaultControllerStrategy.sol#L441

https://github.com/Cyfrin/2024-09-stakelink/blob/f5824f9ad67058b24a2c08494e51ddd7efdbb90b/contracts/linkStaking/base/VaultControllerStrategy.sol#L456

Impact

Use of unsafe, error-prone ABI encoding functions in the protocol's low-level calls.

Tools Used

Manual Review

Recommendations

Consider replacing all occurrences of the unsafe ABI encodings with abi.encodeCall, which checks at compile time that the supplied values match the types expected by the called function and, because it takes a function pointer rather than a signature string, also avoids errors caused by typos.
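The contrast between the three encoding methods, as an added example that is not part of the original submission or the Stakelink code base. The `IStakingTarget` interface, its `deposit` function and the `EncodingComparison` contract are constructed for illustration and do not correspond to the functions at the linked lines:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical target interface, constructed for this example; it is not
// the Stakelink protocol's own interface.
interface IStakingTarget {
    function deposit(address account, uint256 amount) external returns (bool);
}

contract EncodingComparison {
    IStakingTarget public immutable target;

    constructor(IStakingTarget _target) {
        target = _target;
    }

    // 1. abi.encodeWithSignature: the selector is hashed from a string literal,
    //    so nothing ties it to the interface. Misspelling the string (e.g.
    //    "depsoit(address,uint256)") still compiles and yields a selector the
    //    target does not implement; the call then fails only at runtime.
    function depositWithSignature(address account, uint256 amount) external returns (bool ok) {
        bytes memory data = abi.encodeWithSignature("deposit(address,uint256)", account, amount);
        (ok, ) = address(target).call(data);
    }

    // 2. abi.encodeWithSelector: the selector is taken from the interface, so
    //    typos are caught, but the arguments are not checked against the
    //    function's parameter types. The argument order below is swapped
    //    (uint256 then address); this compiles, and the target decodes
    //    meaningless values.
    function depositWithSelector(address account, uint256 amount) external returns (bool ok) {
        bytes memory data = abi.encodeWithSelector(IStakingTarget.deposit.selector, amount, account);
        (ok, ) = address(target).call(data);
    }

    // 3. abi.encodeCall (Solidity >= 0.8.11): takes the function pointer, so
    //    the selector cannot be misspelled, and the argument tuple is
    //    type-checked against the function's parameters at compile time.
    //    Swapping the arguments here, or passing the wrong number of them,
    //    is a compile error rather than a silent runtime defect.
    function depositWithEncodeCall(address account, uint256 amount) external returns (bool ok) {
        bytes memory data = abi.encodeCall(IStakingTarget.deposit, (account, amount));
        (ok, ) = address(target).call(data);
    }
}
```

Only the third variant moves the error to the compiler. Whichever encoding is used, the `ok` flag returned by the low-level call still has to be checked by the caller, since a mismatched selector on a target without a fallback surfaces only as a `false` return value.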

Updates

Lead Judging Commences

inallhonesty Lead Judge
11 months ago
Submission Judgement Published
Invalidated
Reason: Known issue
