The ERC20 transfer() and transferFrom() functions return a boolean indicating whether the transfer succeeded. That return value must be checked: some tokens do not revert when a transfer fails but return false instead.
Some tokens (USDT, for example) do not correctly implement the EIP20 standard: their transfer/transferFrom functions return nothing instead of a success boolean. Calling them through an interface that declares the standard EIP20 signatures (with a bool return) will always revert, because the empty return data cannot be decoded as a boolean.
This issue is generally categorised as Low severity, but since the Lender can choose any non-standard token as the loan or collateral token, the risk here is higher.
Imagine the loan or collateral token is one such token. Whenever transfer/transferFrom is called and returns false, the missing check means the tokens are never transferred, yet the rest of the code executes as if they were.
A malicious user could call the repay function without actually transferring any tokens to the contract and still have their debt subtracted.
Slither
Recommend using OpenZeppelin's SafeERC20 wrappers, safeTransfer and safeTransferFrom, which check the return value and also handle tokens that do not return a boolean.
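The following is an added example, not the audited project's code, showing the repay pattern described above beside its SafeERC20 fix. The contract and function names (FalseReturningToken, RepayUnchecked, RepaySafe, openDebt) are hypothetical, and the token is a constructed stand-in that returns false instead of reverting; the OpenZeppelin import paths are the library's real ones.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example, not the audited project's code. FalseReturningToken,
// RepayUnchecked, RepaySafe and openDebt are hypothetical names; the
// OpenZeppelin import paths are the library's real ones.
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";

/// Constructed token reproducing the failure mode from the finding:
/// transferFrom returns false instead of reverting when the payer lacks
/// balance or allowance. Deliberately minimal (no events, no totalSupply).
contract FalseReturningToken {
    mapping(address => uint256) public balanceOf;
    mapping(address => mapping(address => uint256)) public allowance;

    function mint(address to, uint256 amount) external { balanceOf[to] += amount; }

    function approve(address spender, uint256 amount) external returns (bool) {
        allowance[msg.sender][spender] = amount;
        return true;
    }

    function transferFrom(address from, address to, uint256 amount) external returns (bool) {
        if (balanceOf[from] < amount || allowance[from][msg.sender] < amount) {
            return false; // silent failure: the caller must check this
        }
        allowance[from][msg.sender] -= amount;
        balanceOf[from] -= amount;
        balanceOf[to] += amount;
        return true;
    }
}

/// Vulnerable pattern described in the finding: the boolean is ignored, so
/// with FalseReturningToken a borrower with zero allowance can call repay()
/// and have the debt reduced while no tokens reach the contract.
contract RepayUnchecked {
    IERC20 public immutable loanToken;
    mapping(address => uint256) public debt;

    constructor(IERC20 token) { loanToken = token; }

    // Hypothetical stand-in for the lending logic: just records a debt.
    function openDebt(uint256 amount) external { debt[msg.sender] += amount; }

    function repay(uint256 amount) external {
        require(amount <= debt[msg.sender], "repay exceeds debt");
        // BUG: the return value of transferFrom is discarded.
        loanToken.transferFrom(msg.sender, address(this), amount);
        debt[msg.sender] -= amount;
    }
}

/// Hardened version using OpenZeppelin SafeERC20. safeTransferFrom reverts
/// when the underlying call reverts or returns false, and accepts tokens
/// such as USDT that return no data at all. A bare
/// require(loanToken.transferFrom(...)) would fix the false-return case but
/// would revert on every call for a void-returning token, because the empty
/// return data cannot be decoded as a bool.
contract RepaySafe {
    using SafeERC20 for IERC20;

    IERC20 public immutable loanToken;
    mapping(address => uint256) public debt;

    constructor(IERC20 token) { loanToken = token; }

    function openDebt(uint256 amount) external { debt[msg.sender] += amount; }

    function repay(uint256 amount) external {
        require(amount <= debt[msg.sender], "repay exceeds debt");
        loanToken.safeTransferFrom(msg.sender, address(this), amount);
        debt[msg.sender] -= amount;
    }
}
```

To reproduce: deploy FalseReturningToken, then RepayUnchecked(IERC20(address(token))), call openDebt(100) from an account that has granted no allowance, and call repay(100). The call succeeds, debt drops to 0, and the contract's token balance stays 0. The same sequence against RepaySafe reverts with SafeERC20's failed-operation error, and the debt is unchanged.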