Use safeTransfer and safeTransferFrom instead of transfer and transferFrom
Summary
Unchecked transfer function
Vulnerability Details
https://github.com/Cyfrin/2023-07-beedle/blob/main/src/Lender.sol#L267-L275
The transfer function is part of the ERC-20 standard and is used to transfer tokens from the contract's balance to another address. However, the transfer function does not return any value, and it does not provide any feedback regarding the success or failure of the transfer.
The key issue is that if the transfer function fails (e.g., due to insufficient balance, contract's internal issues, or any other reason), it does not throw an exception or revert the transaction. Instead, it returns true if the transfer is successful, or false if it fails. Failing to check the return value can result in unhandled errors, and it might lead to unexpected behavior or funds being stuck in the contract.
Impact
If there are not enough tokens in the contract's balance to transfer the fees to the feeReceiver, the transfer will fail, and the return value will be false.
Since the return value is not checked in the code, the contract continues execution without realizing that the transfer operation failed.
As a result, the contract updates its internal state (e.g., updates the pool balance and outstanding loans), even though the transfer operation was not successful.
This can lead to a discrepancy between the contract's internal state and the actual state of the tokens.
Tools Used
Manual Review
Recommendations
Use the safeTransfer function from the OpenZeppelin SafeERC20 library, which includes checks to ensure the success of the transfer and reverts the transaction if the transfer fails.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.