Submission Details
Severity:
Use of `assert()`
Summary
Hitting an assert() creates an error of type Panic(uint256) and consumes the remainder of the transaction's available gas rather than returning it, as require()/revert() do. Per the Solidity documentation, "Assert should only be used to test for internal errors, and to check invariants. Properly functioning code should never create a Panic, not even on invalid external input.".
Vulnerability Details
There are 3 instances of this issue.
File: contracts/bridges/BridgeReth.sol
106: assert(sent);
| File Link | Instance Count | Instance Link |
|---|---|---|
| BridgeReth.sol | 1 | 106 |
File: contracts/facets/MarginCallSecondaryFacet.sol
87: assert(tokenContract.balanceOf(msg.sender) < walletBalance);
| File Link | Instance Count | Instance Link |
|---|---|---|
| MarginCallSecondaryFacet.sol | 1 | 87 |
File: contracts/libraries/LibAsset.sol
16: assert(tokenContract.balanceOf(msg.sender) < walletBalance);
| File Link | Instance Count | Instance Link |
|---|---|---|
| LibAsset.sol | 1 | 16 |
Impact
Loss of a transaction's available gas.
Tools Used
baudit: a custom static code analysis tool; manual review
Recommendations
Use require() rather than assert().
Prize pool breakdown
Total prize
55,000 USDC
nSLOC
3,36516
USDC / LOC
50,000 USDC
5,000 USDC
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.