Fix/finding #2 Fix Calculating Salt

[Aboudjem]

This PR addresses security audit finding #2 regarding non-deterministic salt computation in the createAccount function across several factory contracts. The following updates were made:

• K1ValidatorFactory:

  • Updated NatSpec documentation.
  • Fixed non-deterministic salt issue by ensuring all parameters are correctly hashed together.

• NexusAccountFactory:

  • Rewritten assembly code for correct salt computation.
  • Added missing NatSpec documentation.

• RegistryFactory:

  • Corrected assembly code for deterministic salt computation.
  • Optimized gas usage by changing isModuleAllowed from public to private.

• Test Cases:

  • Added tests to verify that manually computed addresses match those generated by the updated computeAccountAddress function, ensuring the correctness of the salt computation fix.

[openzeppelin-code]

Fix/finding #2 Fix Calculating Salt

Generated at commit: 9024384c238c7ce92105726fc62988fd885875d3

🚨 Report Summary

	Severity Level	Results
Contracts	Critical High Medium Low Note Total	0 1 0 6 24 31

---

For more details view the full report in OpenZeppelin Code Inspector

[codecov]

Codecov Report

Attention: Patch coverage is 85.71429% with 2 lines in your changes missing coverage. Please review.

Please upload report for BASE (remediations/cantina-spearbit@ad6af35). Learn more about missing BASE report.

Files	Patch %	Lines
contracts/factory/RegistryFactory.sol	75.00%	2 Missing ⚠️

Additional details and impacted files

@@                       Coverage Diff                        @@
##             remediations/cantina-spearbit     #124   +/-   ##
================================================================
  Coverage                                 ?   75.73%           
================================================================
  Files                                    ?       13           
  Lines                                    ?      643           
  Branches                                 ?      148           
================================================================
  Hits                                     ?      487           
  Misses                                   ?      156           
  Partials                                 ?        0           

Files	Coverage Δ
contracts/factory/K1ValidatorFactory.sol	100.00% <100.00%> (ø)
contracts/factory/NexusAccountFactory.sol	100.00% <100.00%> (ø)
contracts/factory/RegistryFactory.sol	80.48% <75.00%> (ø)

---

Continue to review full report in Codecov by Sentry.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update ad6af35...9024384. Read the comment docs.

[livingrockrises]

not quite sure why these two are not the same?

I believe this change was done only for gas optimisation from gaslite suggestion.

[ankurdubey521]

you're effectively calculating keccak256(abi.encode(...params)) while his code is keccak256(abi.encodePacked(...params). Generally encodePack-ing is cheaper but I can't say for sure in this case if re-encoding will be cheaper than copying and hashing pre-encoded data. Best to look at benchmarks.

[MrToph]

check how arrays are abi encoded, there's an offset to the data (that can be chosen by the caller as the issue says) and you'd be encoding this offset too along with everything else.

[livingrockrises]

audit finding #2 is linked wrong. it links to some issue

[livingrockrises]

why not consistent everywhere?
here it would be
bytes32 actualSalt = keccak256(abi.encodePacked(initData, salt))

[Aboudjem]

that's what it does but in assembly

[livingrockrises]

I mean, why cant we just use this abi.encodePacked way everywhere then.

[Aboudjem]

It's for gas mostly.

But where else it's not used?

[livingrockrises]

like in other factories we have changed and used like this
bytes32 actualSalt = keccak256(abi.encodePacked(eoaOwner, index, attesters, threshold));

go back to the issue please to also understand test case needs.
we are still hashing everything for salt event without any change, but in the event it would be emitted different value which won't help to reconstruct salt

[livingrockrises]

@Aboudjem
cc @MrToph

[livingrockrises]

whats wrong with this comment

// Compute the actual salt for deterministic deployment

[Aboudjem]

I changed it to reflect the changes, as we use hash of initData and Salt only (without sig func)

[livingrockrises]

for deterministic deployment

Is nice and consistent..

[livingrockrises]

@Aboudjem

[livingrockrises]

I think tests should confirm that you're able to compute same account address using the initData and salt index emitted in the events.

or could be different params depending on the factory/method but you get the gist.

[VGabriel45]

The written tests are valid in my opinion

[livingrockrises]

review i

[VGabriel45]

@Aboudjem look over Chirag's comments

[Aboudjem]

please check

[github-actions]

🤖 Slither Analysis Report 🔎

Slither report

# Slither report

THIS CHECKLIST IS NOT COMPLETE. Use --show-ignored-findings to show all the results.
Summary

• constable-states (2 results) (Optimization)

constable-states

Impact: Optimization
🔴 Confidence: High

• ID-0
  RegistryAdapter.registry should be constant

base/RegistryAdapter.sol#L12

• ID-1
  RegistryFactory.threshold should be constant

factory/RegistryFactory.sol#L39

_This comment was automatically generated by the GitHub Actions workflow._