Submission Details
Severity: medium

arbitrary-send-erc20 (NO authorization)

Vulnerability Details

The 'transferFrom' function is called without checking whether the p.lender address has approved the Lender contract to spend tokens on its behalf.

Impact

The vulnerability allows unauthorized token transfers from the p.lender address, leading to potential loss of funds for the user and exposing them to financial risks if exploited.

Tools Used

Slither

Mitigation

To mitigate this issue, first reduce the contract size: consider using error codes or constants instead of string literals in revert statements. Error codes or constants are stored more efficiently in the contract's bytecode, leading to smaller contract sizes. Then use either a revert statement or error codes to ensure that the 'Lender' contract is authorised to transfer tokens on behalf of the p.lender address. This prevents unauthorized token transfers and also enhances the security of the contract.

It could look something like this:

    if (p.poolBalance > currentBalance) {
        // Ensure that the Lender contract is allowed to transfer tokens from p.lender
        uint256 transferAmount = p.poolBalance - currentBalance;
        require(
            IERC20(p.loanToken).allowance(p.lender, address(this)) >= transferAmount,
            "Lender not authorized to transfer tokens"
        );
    }

OR

    if (p.poolBalance > currentBalance) {
        // Ensure that the Lender contract is allowed to transfer tokens from p.lender
        uint256 transferAmount = p.poolBalance - currentBalance;
        // ERR_NOT_AUTHORIZED is assumed to be a string constant declared in the contract
        require(
            IERC20(p.loanToken).allowance(p.lender, address(this)) >= transferAmount,
            ERR_NOT_AUTHORIZED
        );
    }
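The same allowance pre-check written with Solidity custom errors, which keep revert strings out of the bytecode as the mitigation suggests. This is an added example, not code from the submission or the audited project; the contract name, the `Pool` struct layout, the `_pullShortfall` helper and both error names are assumptions, and only the field names `lender`, `loanToken` and `poolBalance` come from the report.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Minimal ERC-20 surface used by the example.
interface IERC20 {
    function allowance(address owner, address spender) external view returns (uint256);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

// Illustrative stand-in for the Lender contract (assumed layout).
contract LenderAllowanceCheck {
    struct Pool {
        address lender;
        address loanToken;
        uint256 poolBalance;
    }

    // Custom errors are encoded as a 4-byte selector plus arguments,
    // so no revert string is stored in the contract bytecode.
    error NotAuthorized(address lender, uint256 allowed, uint256 needed);
    error TransferFailed();

    // Hypothetical helper: pull the shortfall between the requested pool
    // balance and the balance currently recorded for the pool.
    function _pullShortfall(Pool memory p, uint256 currentBalance) internal {
        if (p.poolBalance <= currentBalance) return;
        uint256 transferAmount = p.poolBalance - currentBalance;

        // Compliant ERC-20 tokens also enforce the allowance inside
        // transferFrom; the pre-check makes the failure explicit and
        // reports how much was approved versus how much was needed.
        uint256 allowed = IERC20(p.loanToken).allowance(p.lender, address(this));
        if (allowed < transferAmount) {
            revert NotAuthorized(p.lender, allowed, transferAmount);
        }

        // Check the return value so a token that signals failure by
        // returning false does not pass silently.
        bool ok = IERC20(p.loanToken).transferFrom(p.lender, address(this), transferAmount);
        if (!ok) revert TransferFailed();
    }
}
```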
