Beedle - Oracle free perpetual lending

BeedleFi

DeFiFoundry

20,000 USDC

View results

Previous Next

Submission Details

Severity: low

Unchecked return value

bube

Summary

The return values of an external transfer/transferFrom calls in functions sellProfits(Fees.sol), setPool, addToPool, removeFromPool, borrow, repay, giveLoan, buyLoan, seizeLoan, refinance (Lender.sol) and deposit, withdraw and claim in Staking.sol are not checked.

Vulnerability Details

When using the functions transfer/transferFrom, it's crucial to check their return value to ensure that the transfer was successful. If the return value is not checked and the function fails, the contract might continue executing as if the transfer was successful, which can lead to unexpected behavior.

Impact

If the transfer or transferFrom function fails for any reason, the contracts will not be aware of it.

Tools Used

Manual review

Recommendations

Use SafeERC20, or ensure that the transfer/transferFrom return value is checked.

Prize pool breakdown

Total prize

20,000 USDC

nSLOC

706

28 USDC / LOC

High Medium

18,000 USDC

Low

2,000 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!