From c59f8887a9a2a920798da06cc5b57df6ae5a53cf Mon Sep 17 00:00:00 2001
From: Antonio Guilherme Ferreira Viggiano
Date: Mon, 10 Feb 2025 14:10:51 -0300
Subject: [PATCH] Fix deposit/withdraw selector
---
 broadcast/CTF2.s.sol/1/run-1739207427.json | 88 +++++++++++++++++++++
 broadcast/CTF2.s.sol/1/run-latest.json | 88 +++++++++++++++++++++
 script/ctf/CTF.s.sol | 6 +-
 script/ctf/CTF2.s.sol | 92 ++++++++++++++++++++++
 script/interfaces/ISize.sol | 5 ++
 5 files changed, 276 insertions(+), 3 deletions(-)
 create mode 100644 broadcast/CTF2.s.sol/1/run-1739207427.json
 create mode 100644 broadcast/CTF2.s.sol/1/run-latest.json
 create mode 100644 script/ctf/CTF2.s.sol
diff --git a/broadcast/CTF2.s.sol/1/run-1739207427.json b/broadcast/CTF2.s.sol/1/run-1739207427.json
new file mode 100644
index 0000000..6fb6ec2
--- /dev/null
+++ b/broadcast/CTF2.s.sol/1/run-1739207427.json
@@ -0,0 +1,88 @@ +{ + "transactions": [ + { + "hash": "0x7f61c618c5b643991844f028db237e2afee82dd40129751cd7270e963f521095", + "transactionType": "CALL", + "contractName": null, + "contractAddress": "0x30b8cf2aa67e1e13a096d8838cc942fbbd52778b", + "function": "execTransaction(address,uint256,bytes,uint8,uint256,uint256,uint256,address,address,bytes)", + "arguments": [ + "0x457f785000cA495FAe63AAb38C9fC4b2965B106a", + "0", + "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", + "0", + "0", + "0", + "0", + "0x0000000000000000000000000000000000000000", + "0x0000000000000000000000000000000000000000", + "0x4df2d9e4995344d924cc59f8e6c681c7fe6b70d3612b80bef8bd6b05a2117c2359247a6f02c95358e220151b45140339524db28b11b12b7dec2367c029ae81201bf71d5ccf908769232dca2103d316370dbe87111cb1a01dc573725c23a585934162bb4ec7ff12e8be9aa13c63decd8c3d7df61b122caa809d85e4d8719c5d41fe1c" + ], + "transaction": { + "from": "0xc5894b63e6511f3d3f466ca83f4cfe42c3425ac8", + "to": "0x30b8cf2aa67e1e13a096d8838cc942fbbd52778b", + "gas": "0x3b81c", + "value": "0x0", + "input": 
"0x6a761202000000000000000000000000457f785000ca495fae63aab38c9fc4b2965b106a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000140000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000052000000000000000000000000000000000000000000000000000000000000003a4982dd3d300000000000000000000000065767ab18a2854895d5287ac689a18b54a17dfb1000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000e000000000000000000000000000000000000000000000000000000000000000640cf8542f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030b8cf2aa67e1e13a096d8838cc942fbbd52778b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000642b4c9a200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030b8cf2aa67e1e13a096d8838cc942fbbd52778b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000
064ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffffffffffffffffffffffffffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000064ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffffffffffffffffffffffffffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000824df2d9e4995344d924cc59f8e6c681c7fe6b70d3612b80bef8bd6b05a2117c2359247a6f02c95358e220151b45140339524db28b11b12b7dec2367c029ae81201bf71d5ccf908769232dca2103d316370dbe87111cb1a01dc573725c23a585934162bb4ec7ff12e8be9aa13c63decd8c3d7df61b122caa809d85e4d8719c5d41fe1c000000000000000000000000000000000000000000000000000000000000", + "nonce": "0x18", + "chainId": "0x1" + }, + "additionalContracts": [], + "isFixedGasLimit": false + } + ], + "receipts": [ + { + "status": "0x1", + "cumulativeGasUsed": "0xe4b21c", + "logs": [ + { + "address": "0x457f785000ca495fae63aab38c9fc4b2965b106a", + "topics": [ + "0x9737a6ed65b2635eeb5c433d89fda29340f82bc8f269f2fbb303f324c81480e1", + "0x00000000000000000000000030b8cf2aa67e1e13a096d8838cc942fbbd52778b", + "0x00000000000000000000000065767ab18a2854895d5287ac689a18b54a17dfb1" + ], + "data": 
"0x000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000e000000000000000000000000000000000000000000000000000000000000000640cf8542f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030b8cf2aa67e1e13a096d8838cc942fbbd52778b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000642b4c9a200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030b8cf2aa67e1e13a096d8838cc942fbbd52778b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000064ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffffffffffffffffffffffffffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000064ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffffffffffffffffffffffffffffffff00000000000000000000000000000000000000000000000000000000", + "blockHash": "0x0b4b3b9b4f0fb537c6a3df9591e37acafa4f81da109a86a410050cfe83d2274c", + "blockNumber": "0x14ce8b1", + "transactionHash": 
"0x7f61c618c5b643991844f028db237e2afee82dd40129751cd7270e963f521095", + "transactionIndex": "0x86", + "logIndex": "0x141", + "removed": false + }, + { + "address": "0x30b8cf2aa67e1e13a096d8838cc942fbbd52778b", + "topics": [ + "0x442e715f626346e8c54381002da614f62bee8d27386535b2521ec8540898556e", + "0xa19e956835e9fcbd44b81aaef3f9553253b8efad48c27e059f3b940425554291" + ], + "data": "0x0000000000000000000000000000000000000000000000000000000000000000", + "blockHash": "0x0b4b3b9b4f0fb537c6a3df9591e37acafa4f81da109a86a410050cfe83d2274c", + "blockNumber": "0x14ce8b1", + "transactionHash": "0x7f61c618c5b643991844f028db237e2afee82dd40129751cd7270e963f521095", + "transactionIndex": "0x86", + "logIndex": "0x142", + "removed": false + } + ], + "logsBloom": "0x00000000400000000000000000002000000000000000000040000000040000000000000000000000000100000000000000000000000000000000000000000001000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000008000000000000040000000000000000000000000000800000000010000020000000040000000000000000000000000000004000000000000004000000008000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000002200000000000000000008000000000000000000000000000", + "type": "0x2", + "transactionHash": "0x7f61c618c5b643991844f028db237e2afee82dd40129751cd7270e963f521095", + "transactionIndex": "0x86", + "blockHash": "0x0b4b3b9b4f0fb537c6a3df9591e37acafa4f81da109a86a410050cfe83d2274c", + "blockNumber": "0x14ce8b1", + "gasUsed": "0x2b150", + "effectiveGasPrice": "0x38d4a960", + "from": "0xc5894b63e6511f3d3f466ca83f4cfe42c3425ac8", + "to": "0x30b8cf2aa67e1e13a096d8838cc942fbbd52778b", + "contractAddress": null + } + ], + "libraries": [], + "pending": [], + "returns": {}, + "timestamp": 1739207427, + "chain": 1, + "commit": "e9a8bd6" +} \ No newline at end of file 
diff --git a/broadcast/CTF2.s.sol/1/run-latest.json b/broadcast/CTF2.s.sol/1/run-latest.json
new file mode 100644
index 0000000..6fb6ec2
--- /dev/null
+++ b/broadcast/CTF2.s.sol/1/run-latest.json
@@ -0,0 +1,88 @@ +{ + "transactions": [ + { + "hash": "0x7f61c618c5b643991844f028db237e2afee82dd40129751cd7270e963f521095", + "transactionType": "CALL", + "contractName": null, + "contractAddress": "0x30b8cf2aa67e1e13a096d8838cc942fbbd52778b", + "function": "execTransaction(address,uint256,bytes,uint8,uint256,uint256,uint256,address,address,bytes)", + "arguments": [ + "0x457f785000cA495FAe63AAb38C9fC4b2965B106a", + "0", + "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", + "0", + "0", + "0", + "0", + "0x0000000000000000000000000000000000000000", + "0x0000000000000000000000000000000000000000", + "0x4df2d9e4995344d924cc59f8e6c681c7fe6b70d3612b80bef8bd6b05a2117c2359247a6f02c95358e220151b45140339524db28b11b12b7dec2367c029ae81201bf71d5ccf908769232dca2103d316370dbe87111cb1a01dc573725c23a585934162bb4ec7ff12e8be9aa13c63decd8c3d7df61b122caa809d85e4d8719c5d41fe1c" + ], + "transaction": { + "from": "0xc5894b63e6511f3d3f466ca83f4cfe42c3425ac8", + "to": "0x30b8cf2aa67e1e13a096d8838cc942fbbd52778b", + "gas": "0x3b81c", + "value": "0x0", + "input": 
"0x6a761202000000000000000000000000457f785000ca495fae63aab38c9fc4b2965b106a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000140000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000052000000000000000000000000000000000000000000000000000000000000003a4982dd3d300000000000000000000000065767ab18a2854895d5287ac689a18b54a17dfb1000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000e000000000000000000000000000000000000000000000000000000000000000640cf8542f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030b8cf2aa67e1e13a096d8838cc942fbbd52778b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000642b4c9a200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030b8cf2aa67e1e13a096d8838cc942fbbd52778b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000
064ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffffffffffffffffffffffffffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000064ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffffffffffffffffffffffffffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000824df2d9e4995344d924cc59f8e6c681c7fe6b70d3612b80bef8bd6b05a2117c2359247a6f02c95358e220151b45140339524db28b11b12b7dec2367c029ae81201bf71d5ccf908769232dca2103d316370dbe87111cb1a01dc573725c23a585934162bb4ec7ff12e8be9aa13c63decd8c3d7df61b122caa809d85e4d8719c5d41fe1c000000000000000000000000000000000000000000000000000000000000", + "nonce": "0x18", + "chainId": "0x1" + }, + "additionalContracts": [], + "isFixedGasLimit": false + } + ], + "receipts": [ + { + "status": "0x1", + "cumulativeGasUsed": "0xe4b21c", + "logs": [ + { + "address": "0x457f785000ca495fae63aab38c9fc4b2965b106a", + "topics": [ + "0x9737a6ed65b2635eeb5c433d89fda29340f82bc8f269f2fbb303f324c81480e1", + "0x00000000000000000000000030b8cf2aa67e1e13a096d8838cc942fbbd52778b", + "0x00000000000000000000000065767ab18a2854895d5287ac689a18b54a17dfb1" + ], + "data": 
"0x000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000001e00000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000e000000000000000000000000000000000000000000000000000000000000000640cf8542f0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030b8cf2aa67e1e13a096d8838cc942fbbd52778b0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000642b4c9a200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030b8cf2aa67e1e13a096d8838cc942fbbd52778b000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000064ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffffffffffffffffffffffffffffffff000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000064ffffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffffffffffffffffffffffffffffffff00000000000000000000000000000000000000000000000000000000", + "blockHash": "0x0b4b3b9b4f0fb537c6a3df9591e37acafa4f81da109a86a410050cfe83d2274c", + "blockNumber": "0x14ce8b1", + "transactionHash": 
"0x7f61c618c5b643991844f028db237e2afee82dd40129751cd7270e963f521095", + "transactionIndex": "0x86", + "logIndex": "0x141", + "removed": false + }, + { + "address": "0x30b8cf2aa67e1e13a096d8838cc942fbbd52778b", + "topics": [ + "0x442e715f626346e8c54381002da614f62bee8d27386535b2521ec8540898556e", + "0xa19e956835e9fcbd44b81aaef3f9553253b8efad48c27e059f3b940425554291" + ], + "data": "0x0000000000000000000000000000000000000000000000000000000000000000", + "blockHash": "0x0b4b3b9b4f0fb537c6a3df9591e37acafa4f81da109a86a410050cfe83d2274c", + "blockNumber": "0x14ce8b1", + "transactionHash": "0x7f61c618c5b643991844f028db237e2afee82dd40129751cd7270e963f521095", + "transactionIndex": "0x86", + "logIndex": "0x142", + "removed": false + } + ], + "logsBloom": "0x00000000400000000000000000002000000000000000000040000000040000000000000000000000000100000000000000000000000000000000000000000001000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000008000000000000040000000000000000000000000000800000000010000020000000040000000000000000000000000000004000000000000004000000008000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000002200000000000000000008000000000000000000000000000", + "type": "0x2", + "transactionHash": "0x7f61c618c5b643991844f028db237e2afee82dd40129751cd7270e963f521095", + "transactionIndex": "0x86", + "blockHash": "0x0b4b3b9b4f0fb537c6a3df9591e37acafa4f81da109a86a410050cfe83d2274c", + "blockNumber": "0x14ce8b1", + "gasUsed": "0x2b150", + "effectiveGasPrice": "0x38d4a960", + "from": "0xc5894b63e6511f3d3f466ca83f4cfe42c3425ac8", + "to": "0x30b8cf2aa67e1e13a096d8838cc942fbbd52778b", + "contractAddress": null + } + ], + "libraries": [], + "pending": [], + "returns": {}, + "timestamp": 1739207427, + "chain": 1, + "commit": "e9a8bd6" +} \ No newline at end of file diff --git a/script/ctf/CTF.s.sol b/script/ctf/CTF.s.sol index 49ed523..5927076 100644 --- a/script/ctf/CTF.s.sol 
+++ b/script/ctf/CTF.s.sol
@@ -5,7 +5,7 @@ import {console, Script} from "forge-std/Script.sol";
 import {Mainnet} from "@script/addresses/Mainnet.sol";
 import {WETH} from "@solady/src/tokens/WETH.sol";
 import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
-import {ISize, DepositParams, WithdrawParams} from "@script/interfaces/ISize.sol";
+import {ISizeWrong} from "@script/interfaces/ISize.sol";
 import {Safe} from "@safe/contracts/Safe.sol";
 import {RestrictedActionsGuard} from "@src/RestrictedActionsGuard.sol";
 import {Enum} from "@safe/contracts/common/Enum.sol";
@@ -59,7 +59,7 @@ contract CTFScript is Script, Mainnet {
 patterns = new bytes[](2);
 masks = new bytes[](2);
 target = address(SIZE_SUSDE_USDC_ADDRESS);
- patterns[0] = abi.encodeCall(ISize.deposit, (DepositParams(address(0), 0, address(safe))));
+ patterns[0] = abi.encodeCall(ISizeWrong.deposit, (address(0), 0, address(safe)));
 masks[0] = abi.encodeWithSelector(bytes4(0xFFFFFFFF), address(0), 0, address(uint160(type(uint160).max)));
 console.log(target);
 console.logBytes(patterns[0]);
@@ -67,7 +67,7 @@ contract CTFScript is Script, Mainnet {
 console.log("--------------------------------");
 console.log("\t[CTF] allow Size.withdraw any token, any amount to safe");
- patterns[1] = abi.encodeCall(ISize.withdraw, (WithdrawParams(address(0), 0, address(safe))));
+ patterns[1] = abi.encodeCall(ISizeWrong.withdraw, (address(0), 0, address(safe)));
 masks[1] = abi.encodeWithSelector(bytes4(0xFFFFFFFF), address(0), 0, address(uint160(type(uint160).max)));
 console.log(target);
 console.logBytes(patterns[1]);
diff --git a/script/ctf/CTF2.s.sol b/script/ctf/CTF2.s.sol
new file mode 100644
index 0000000..69201d2
--- /dev/null
+++ b/script/ctf/CTF2.s.sol
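Review bot: Nothing in script/ctf/CTF.s.sol explains why `patterns[0]` and `patterns[1]` (the hunks at lines 59 and 67) are now built from `ISizeWrong`, an interface whose name says its signatures do not match Size. If the file is being kept as a record of what was already broadcast, say so next to the assignments, e.g. `// Historical: flat-argument selectors encoded by mistake; superseded by CTF2.s.sol`, so nobody re-runs it expecting working guard rules. The masks pin the full 4-byte selector, so a pattern built from the wrong signature would presumably never match a real deposit or withdraw call. The same gap applies to the `ISizeWrong` declaration added in script/interfaces/ISize.sol, which sits directly above the real `ISize` with no NatSpec line warning against using it for new patterns. The enclosing `CTFScript` function starts and ends outside both hunks.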
@@ -0,0 +1,92 @@
+// SPDX-License-Identifier: MIT
+pragma solidity ^0.8.20;
+
+import {console, Script} from "forge-std/Script.sol";
+import {Mainnet} from "@script/addresses/Mainnet.sol";
+import {ISize, DepositParams, WithdrawParams} from "@script/interfaces/ISize.sol";
+import {Safe} from "@safe/contracts/Safe.sol";
+import {RestrictedActionsGuard} from "@src/RestrictedActionsGuard.sol";
+import {Enum} from "@safe/contracts/common/Enum.sol";
+
+contract CTF2Script is Script, Mainnet {
+ bytes signature1;
+
+ function run() public {
+ vm.startBroadcast();
+ signature1 = vm.envBytes("SIGNATURE1");
+ Safe safe = Safe(payable(vm.envAddress("SAFE_ADDRESS")));
+
+ console.log("[CTF] running...");
+ console.log("[CTF] fixing allowed actions...");
+ address target;
+ bytes[] memory patterns;
+ bytes[] memory masks;
+
+ console.log("--------------------------------");
+ console.log("\t[CTF] allow Size.deposit any token, any amount to safe");
+ patterns = new bytes[](2);
+ masks = new bytes[](2);
+ target = address(SIZE_SUSDE_USDC_ADDRESS);
+ patterns[0] = abi.encodeCall(ISize.deposit, (DepositParams(address(0), 0, address(safe))));
+ masks[0] = abi.encodeWithSelector(bytes4(0xFFFFFFFF), address(0), 0, address(uint160(type(uint160).max)));
+ console.log(target);
+ console.logBytes(patterns[0]);
+ console.logBytes(masks[0]);
+
+ console.log("--------------------------------");
+ console.log("\t[CTF] allow Size.withdraw any token, any amount to safe");
+ patterns[1] = abi.encodeCall(ISize.withdraw, (WithdrawParams(address(0), 0, address(safe))));
+ masks[1] = abi.encodeWithSelector(bytes4(0xFFFFFFFF), address(0), 0, address(uint160(type(uint160).max)));
+ console.log(target);
+ console.logBytes(patterns[1]);
+ console.logBytes(masks[1]);
+ _setRestrictedActions(safe, target, patterns, masks);
+
+ console.log("[CTF] done");
+ vm.stopBroadcast();
+ }
+
+ function _setRestrictedActions(Safe safe, address target, bytes[] memory patterns, bytes[] memory masks) public {
+ bytes memory data = abi.encodeCall(RestrictedActionsGuard.setRestrictedActions, (target, patterns, masks));
+
+ uint256 nonce = safe.nonce();
+ bytes32 dataHash = safe.getTransactionHash(
+ RESTRICTED_ACTIONS_GUARD_ADDRESS,
+ 0,
+ data,
+ Enum.Operation.Call,
+ 0,
+ 0,
+ 0,
+ address(0),
+ payable(address(0)),
+ nonce
+ );
+
+ (uint8 v, bytes32 r, bytes32 s) = vm.sign(dataHash);
+ bytes memory signatures = abi.encodePacked(r, s, v);
+
+ console.log("--------------------------------");
+ console.log("signatures");
+ console.logBytes(signatures);
+
+ signatures = abi.encodePacked(signature1, signatures);
+
+ if (signatures.length < 65 * 2) {
+ return;
+ }
+
+ safe.execTransaction(
+ RESTRICTED_ACTIONS_GUARD_ADDRESS,
+ 0,
+ data,
+ Enum.Operation.Call,
+ 0,
+ 0,
+ 0,
+ address(0),
+ payable(address(0)),
+ abi.encodePacked(signatures)
+ );
+ }
+}
diff --git a/script/interfaces/ISize.sol b/script/interfaces/ISize.sol
index 627d447..3298956 100644
--- a/script/interfaces/ISize.sol
+++ b/script/interfaces/ISize.sol
@@ -13,6 +13,11 @@ struct WithdrawParams {
 address to;
 }
+interface ISizeWrong {
+ function deposit(address token, uint256 amount, address to) external;
+ function withdraw(address token, uint256 amount, address to) external;
+}
+
 interface ISize {
 function deposit(DepositParams calldata params) external;
 function withdraw(WithdrawParams calldata params) external;
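Review bot: `_setRestrictedActions` in script/ctf/CTF2.s.sol returns silently when the combined signatures are shorter than `65 * 2` bytes, so `run()` still prints `[CTF] done` and a run with an empty or truncated `SIGNATURE1` looks successful although the guard patterns were never updated. Fail loudly instead, e.g. `require(signatures.length >= 65 * 2, "CTF2: need two 65-byte signatures");`. The script also always places `SIGNATURE1` ahead of the locally produced signature. Safe verifies owner signatures in ascending signer-address order, so this only works when the `SIGNATURE1` signer has the lower address, which deserves a comment or an explicit ordering step. The helper is declared `public` despite its leading underscore, where `internal` would fit better, and the final `abi.encodePacked(signatures)` re-wraps a value that is already `bytes`.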