Return values of `transfer()`/`transferFrom()` not checked
Summary
Return values of transfer()/transferFrom() not checked
Vulnerability Details
Not all IERC20 implementations revert() when there's a failure in
transfer()/transferFrom(). The function signature has a boolean
return value and they indicate errors that way instead. By not checking
the return value, operations that should have marked as failed, may
potentially go through without actually making a payment
Link to code - https://github.com/Cyfrin/2023-07-beedle/tree/main/src/Fees.sol
Link to code - https://github.com/Cyfrin/2023-07-beedle/tree/main/src/Lender.sol
Link to code - https://github.com/Cyfrin/2023-07-beedle/tree/main/src/Staking.sol
Tools Used
Code Review
Recommendations
Check the return values of transfer()/transferFrom()
Auditor
NeoCrao
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.