Invariant in `withdrawFees` could brick withdrawal
Summary
Potential Vulnerability in withdrawFees Function due to Invariant Break
Vulnerability Details
The withdrawFees function has a conditional check that can be potentially exploited, leading to a permanent lock of the function. The issue lies in the invariant address(this).balance == uint256(totalFees). If an external party forces ether (ETH) into the contract without using a payable function that appropriately updates totalFees, this invariant can be broken. Consequently, the contract's balance will not match totalFees, making it impossible to satisfy the condition address(this).balance == uint256(totalFees).
Impact
This vulnerability could lead to the permanent locking of the withdrawFees function, preventing the withdrawal of fees and effectively freezing funds within the contract. This can result in financial losses and damage the trust in the contract's reliability.
Tools Used
Manual Code Review
Recommendations
To mitigate this issue, consider removing the strict equality check or implementing a more robust mechanism to ensure that totalFees always accurately reflects the contract's balance. One possible solution is to use a fallback or receive function to handle unexpected ether transfers and adjust totalFees accordingly. This will help prevent the invariant from breaking and ensure the withdrawFees function remains operational even if unexpected ether is sent to the contract.
Lead Judging Commences
greifers-send-money-to-contract-to-block-withdrawfees
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.