Sparkn

CodeFox Inc.

DeFiFoundryProxy

15,000 USDC

View results

Previous Next

Submission Details

Severity: medium

DefaultAccount#fallback lack payable

wahedtalash77

Summary

The solidity fallback function is executed if none of the other functions match the function identifier or no data was provided with the function call. Only one unnamed function can be assigned to a contract and it is executed whenever the contract receives plain Ether without any data. To receive Ether and add it to the total balance of the contract, the fallback function must be marked payable. If no such function exists, the contract cannot receive Ether through regular transactions and will throw an exception.

Vulnerability Details

fallback() external { //<--------without payable
the same issue was also in Code4rena in the Zksync contest
https://github.com/code-423n4/2023-03-zksync-findings/issues/93
more about the fallback function
https://www.geeksforgeeks.org/solidity-fall-back-function/

Impact

fallback lack payable,will lead to differences from the mainnet, and many existing protocols may not work

Tools Used

Recommendations

add payable to the fallback()

Prize pool breakdown

Total prize

15,000 USDC

nSLOC

194

77 USDC / LOC

High Medium

14,000 USDC

Low

1,000 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.