15,000 USDC
View results
Submission Details
Severity: gas

Prevent users to use tokens that are not mapped

Summary

Anyone can call the function depositCollateral, if the user sends a token that is not mapped on the oracle, the user will deposit a collateral that has no value for the protocol, depending on how is the state of his balance, he maybe is not even capable of redeeming it.

Vulnerability Details

Impact

None, usability

Tools Used

Recommendations

In depositCollateral function verify if the tokenCollateralAddress is in the s_collateralTokens array, if not, revert the transaction with a new error

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.