20,000 USDC
Submission Details
Severity: medium
Valid

Zero check on transfer in `sellProfits` Function

Summary

The sellProfits function in the Fees contract uses the ERC20 transfer method to send the contract's WETH balance to the configured staking address. The return value of that transfer call is not checked, so a transfer that fails without reverting goes unnoticed, which could result in a loss of funds if the staking address is a malicious contract that does not handle token transfers properly.

Vulnerability Details

The vulnerable code snippet in the sellProfits function is as follows:

```solidity
IERC20(WETH).transfer(staking, IERC20(WETH).balanceOf(address(this)));
```

In this snippet, the contract uses the standard ERC20 transfer method to move all WETH tokens it holds to the staking address. The boolean returned by transfer is ignored, so the contract cannot detect a failed transfer. If the staking address is a malicious or improperly implemented contract, the token transfer can fail without the transaction reverting, leading to a loss of WETH tokens.

Impact

Loss of WETH tokens held by the Fees contract.

Tools Used

Manual review

Recommendations

To address this issue and prevent potential token loss, the contract should use the safeTransfer method provided by the OpenZeppelin SafeERC20 library (or a similar library) in place of the bare transfer call. safeTransfer checks the return value of the token transfer and reverts the transaction when the token reports failure, so a failed transfer can never be mistaken for a successful one. It requires a `using SafeERC20 for IERC20;` directive in the contract. The updated code snippet using safeTransfer is as follows:

```solidity
using SafeERC20 for IERC20;

IERC20(WETH).safeTransfer(staking, IERC20(WETH).balanceOf(address(this)));
```
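As an added illustration that is not part of this submission or of the audited code base, the constructed Solidity contracts below place the unchecked pattern beside its SafeERC20 variant and run both against a mock token that returns false instead of reverting; the contract names, the mock, and the 0xBEEF staking address are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";

// Constructed mock: signals failure by returning false instead of reverting
// (as some non-standard ERC20 tokens do); funds never move.
contract FalseReturningToken {
    mapping(address => uint256) public balanceOf;
    function mint(address to, uint256 amount) external { balanceOf[to] += amount; }
    function transfer(address, uint256) external pure returns (bool) { return false; }
}

// Constructed stand-in for the reported pattern: the return value is ignored,
// so the call succeeds from the caller's point of view even when the token fails.
contract FeesUnchecked {
    address public immutable weth;
    address public immutable staking;
    constructor(address weth_, address staking_) { weth = weth_; staking = staking_; }
    function sellProfits() external {
        IERC20(weth).transfer(staking, IERC20(weth).balanceOf(address(this)));
    }
}

// Hardened variant: SafeERC20 reverts when the token returns false, so a failed
// transfer can never be mistaken for a success.
contract FeesChecked {
    using SafeERC20 for IERC20;
    address public immutable weth;
    address public immutable staking;
    constructor(address weth_, address staking_) { weth = weth_; staking = staking_; }
    function sellProfits() external {
        IERC20(weth).safeTransfer(staking, IERC20(weth).balanceOf(address(this)));
    }
}

// Driver: run both variants against the mock and compare the outcomes.
contract Demo {
    function run() external returns (bool uncheckedSilentlyFailed, bool checkedReverted) {
        FalseReturningToken token = new FalseReturningToken();
        address staking = address(0xBEEF); // placeholder staking address
        FeesUnchecked u = new FeesUnchecked(address(token), staking);
        FeesChecked c = new FeesChecked(address(token), staking);
        token.mint(address(u), 1 ether);
        token.mint(address(c), 1 ether);
        u.sellProfits(); // does not revert, yet the WETH stays in the contract
        uncheckedSilentlyFailed = token.balanceOf(address(u)) == 1 ether;
        try c.sellProfits() { checkedReverted = false; } catch { checkedReverted = true; }
    }
}
```

Deploying Demo and calling run() returns true for both flags: the unchecked contract keeps its full balance without any error, while the SafeERC20 variant reverts and surfaces the failure.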
