The WrappedSDToken contract's wrap and unwrap functions do not properly validate the success of ERC20 token transfer operations. wrap() is called from _transferTokens() and unwrap() from _ccipReceive() in WrappedTokenBridge.sol.
The wrap and unwrap functions in the WrappedSDToken contract interact with an underlying ERC20 token contract (sdToken) to transfer tokens to and from users. The current implementation uses the transferFrom and transfer methods of the ERC20 token without checking their return values.
The _transferTokens() method in the WrappedTokenBridge contract is responsible for initiating the wrapping of tokens and transferring them to a destination chain. If the wrap function in the WrappedSDToken contract does not validate the success of the transferFrom operation, the WrappedTokenBridge contract might proceed with wrapping tokens that were never actually transferred from the user, leading to incorrect minting of wrapped tokens.
This could cause discrepancies in the accounting of wrapped tokens, since the contract's state would no longer reflect the actual token balances it holds.
It could also lead to emitting events that indicate a successful wrap and transfer of tokens, which would mislead users and off-chain services monitoring these events.
The _ccipReceive() method in the WrappedTokenBridge contract handles incoming CCIP messages, which include unwrapping tokens and transferring them to the intended recipient. If the unwrap function in the WrappedSDToken contract does not validate the success of the transfer operation, the WrappedTokenBridge contract might burn wrapped tokens without the corresponding unwrapped tokens ever being transferred to the recipient.
This could fail to deliver the unwrapped tokens to the user, effectively causing a loss of funds for the user who expected to receive them.
It could also create inconsistencies between the supply of wrapped and unwrapped tokens, potentially leading to issues with liquidity and token valuation.
The failure to validate token transfer success undermines the reliability and trustworthiness of the WrappedTokenBridge contract. It can lead to loss of funds and incorrect token supply management.
Manual review
Consider using OpenZeppelin's SafeERC20 library, which provides wrapper functions such as safeTransfer and safeTransferFrom. These functions are designed to ensure that token transfers are successful and revert the transaction if they fail, preventing silent transfer failures and unexpected behavior in the contract.
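The following is an added illustration, not the audited WrappedSDToken or WrappedTokenBridge code: a hypothetical minimal 1:1 wrapper showing the unchecked transfer pattern next to the same contract using OpenZeppelin's SafeERC20. It assumes the OpenZeppelin contracts package is installed at the usual import path.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
// Added illustration, not the audited WrappedSDToken code: a minimal
// 1:1 wrapper with the unchecked pattern next to the SafeERC20 fix.
import {ERC20} from "@openzeppelin/contracts/token/ERC20/ERC20.sol";
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";

// Vulnerable pattern: the bool returned by transferFrom/transfer is dropped.
contract UncheckedWrapper is ERC20 {
    IERC20 public immutable sdToken;
    constructor(IERC20 _sdToken) ERC20("Unchecked Wrapped", "uWSD") {
        sdToken = _sdToken;
    }

    function wrap(uint256 amount) external {
        // If sdToken returns false instead of reverting, nothing was
        // pulled in, yet wrapped tokens are still minted.
        sdToken.transferFrom(msg.sender, address(this), amount);
        _mint(msg.sender, amount);
    }

    function unwrap(uint256 amount) external {
        _burn(msg.sender, amount);
        // The burn is already final; a false return here strands the user's funds.
        sdToken.transfer(msg.sender, amount);
    }
}

// Hardened pattern: safeTransfer/safeTransferFrom revert when the call
// fails or returns false, and still accept tokens that return no data.
contract SafeWrapper is ERC20 {
    using SafeERC20 for IERC20;
    IERC20 public immutable sdToken;

    constructor(IERC20 _sdToken) ERC20("Safe Wrapped", "sWSD") {
        sdToken = _sdToken;
    }

    function wrap(uint256 amount) external {
        sdToken.safeTransferFrom(msg.sender, address(this), amount);
        _mint(msg.sender, amount);
    }

    function unwrap(uint256 amount) external {
        _burn(msg.sender, amount);
        sdToken.safeTransfer(msg.sender, amount);
    }
}
```

In SafeWrapper a failed pull in wrap() reverts before any minting, and a failed push in unwrap() reverts the burn along with it, so wrapped supply and the held sdToken balance stay in step.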