fix(protocol): Correct decoding (TKO-03) (#15582)

Co-authored-by: Keszey Dániel <keszeyd@MacBook-Pro.local>
taikoxyz · Jan 26, 2024 · dc46b27 · dc46b27
1 parent 17b074b
commit dc46b27
Showing 1 changed file with 11 additions and 6 deletions.
diff --git a/packages/protocol/contracts/tokenvault/ERC20Vault.sol b/packages/protocol/contracts/tokenvault/ERC20Vault.sol
@@ -256,22 +256,27 @@ contract ERC20Vault is BaseVault {
     {
         checkRecallMessageContext();
 
-        (, address token,, uint256 amount) =
+        (CanonicalERC20 memory ctoken,,, uint256 amount) =
             abi.decode(message.data[4:], (CanonicalERC20, address, address, uint256));
 
-        if (token == address(0)) revert VAULT_INVALID_TOKEN();
+        if (ctoken.addr == address(0)) revert VAULT_INVALID_TOKEN();
 
         if (amount > 0) {
-            if (bridgedToCanonical[token].addr != address(0)) {
-                IBridgedERC20(token).mint(message.owner, amount);
+            if (bridgedToCanonical[ctoken.addr].addr != address(0)) {
+                IBridgedERC20(ctoken.addr).mint(message.owner, amount);
             } else {
-                ERC20(token).safeTransfer(message.owner, amount);
+                ERC20(ctoken.addr).safeTransfer(message.owner, amount);
             }
         }
 
         message.owner.sendEther(message.value);
 
-        emit TokenReleased({ msgHash: msgHash, from: message.owner, token: token, amount: amount });
+        emit TokenReleased({
+            msgHash: msgHash,
+            from: message.owner,
+            token: ctoken.addr,
+            amount: amount
+        });
     }
 
     function name() public pure override returns (bytes32) {