Incorrect Parameter Order in TokensWithdrawn Event

Description

• During normal token withdrawal operations, the hook contract should correctly record the token withdrawal event for on-chain monitoring and audit tracking.

• The parameter order in the event triggered within the withdrawTokens function does not match the event definition, resulting in incorrect recording of critical information in the event log.

Risk

Likelihood:

• The incorrect event recording is triggered every time the owner calls the token withdrawal function.

• All event logs for token withdrawal operations will contain incorrect parameter mappings.

• This function may be activated for use in future protocol upgrades.

Impact:

• Event Parsing Confusion: Monitoring tools and blockchain explorers will incorrectly display the recipient address as the token address, and vice versa.

• Indexed Search Failure: Due to incorrect assignment of indexed parameters, event filtering functions based on token addresses or recipient addresses will not work properly.

• Data Statistics Errors: Data analysis tools based on event logs will produce incorrect reports on token flow statistics.

Proof of Concept

• N/A

Recommended Mitigation