Submission Details
Severity: medium

Missing checks in transfer

Summary

The sellProfits() function is missing two input checks:

  • Zero amount swap: the Uniswap swap is attempted even when the token balance is 0

  • Self transfer: _profits can be the contract's own address (address(this))

Vulnerability Details

The sellProfits() function performs a swap on Uniswap, but there is no check that the amount swapped is greater than 0. If amount is 0, the swap call will still be made, consuming gas unnecessarily.

The require statement in sellProfits() only checks that _profits is not WETH. It should also check that _profits is not the address of the contract itself.

    /// @notice swap loan tokens for collateral tokens from liquidations
    /// @param _profits the token to swap for WETH
    function sellProfits(address _profits) public {
        require(_profits != WETH, "not allowed");
        uint256 amount = IERC20(_profits).balanceOf(address(this));
        ISwapRouter.ExactInputSingleParams memory params = ISwapRouter
            .ExactInputSingleParams({
                tokenIn: _profits,
                tokenOut: WETH,
                fee: 3000,
                recipient: address(this),
                deadline: block.timestamp,
                amountIn: amount,
                amountOutMinimum: 0,
                sqrtPriceLimitX96: 0
            });
        amount = swapRouter.exactInputSingle(params);
        IERC20(WETH).transfer(staking, IERC20(WETH).balanceOf(address(this)));
    }

Impact

The contract could lose funds, or consume gas unnecessarily on zero-amount swaps.

Tools Used

Manual code review

Recommendations

Add the zero-amount and self-address checks to sellProfits() so that the swap is only made for a non-zero balance of a token other than WETH or the contract itself.
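A hardened version of sellProfits() with both checks added, as an example written for this report rather than the project's own code; the contract name, the constructor, the two custom errors and the imports are assumptions, while WETH, swapRouter and staking mirror the state variables used in the original function.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Assumed import paths; the audited project may lay these out differently.
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {ISwapRouter} from "@uniswap/v3-periphery/contracts/interfaces/ISwapRouter.sol";

/// Example contract (not the project's own) showing the two missing checks.
contract LenderSellProfitsHardened {
    address public immutable WETH;
    address public immutable staking;
    ISwapRouter public immutable swapRouter;

    // Hypothetical errors used instead of require strings to make the
    // two new rejection paths distinguishable in traces and tests.
    error NotAllowed(address token);
    error NothingToSell(address token);

    constructor(address _weth, address _staking, ISwapRouter _router) {
        WETH = _weth;
        staking = _staking;
        swapRouter = _router;
    }

    /// @notice swap loan tokens for collateral tokens from liquidations
    /// @param _profits the token to swap for WETH
    function sellProfits(address _profits) public {
        // Check 1 (original + self-address): reject WETH and the contract itself.
        if (_profits == WETH || _profits == address(this)) revert NotAllowed(_profits);

        uint256 amount = IERC20(_profits).balanceOf(address(this));
        // Check 2 (zero amount): do not call the router with amountIn == 0.
        if (amount == 0) revert NothingToSell(_profits);

        ISwapRouter.ExactInputSingleParams memory params = ISwapRouter
            .ExactInputSingleParams({
                tokenIn: _profits,
                tokenOut: WETH,
                fee: 3000,
                recipient: address(this),
                deadline: block.timestamp,
                amountIn: amount,
                amountOutMinimum: 0,
                sqrtPriceLimitX96: 0
            });
        amount = swapRouter.exactInputSingle(params);
        IERC20(WETH).transfer(staking, IERC20(WETH).balanceOf(address(this)));
    }
}
```

Everything other than the two guards is kept identical to the reported function so the diff against the original is limited to the checks this report asks for.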
