stake.link

DeFi, Hardhat, Bridge
27,500 USDC
Submission Details
Severity: high
Invalid

RESDLTokenBridge::ccip router will get less eth than expected due to external call in RESDLTokenBridge.

Summary

Not having a receive() in SDLPoolCCIPController.sol results in getting less eth than expected in the ccip router.

Vulnerability Details

In the RESDLTokenBridge.sol contract an external call is occurring:

messageId = sdlPoolCCIPController.ccipSend{value: fees}(_destinationChainSelector, evm2AnyMessage);

ccipSend() is a payable function of the SDLPoolCCIPController contract. In SDLPoolCCIPController::ccipSend() another external call is occurring:

return IRouterClient(this.getRouter()).ccipSend{value: msg.value}(_destinationChainSelector, _evmToAnyMessage);

This time Chainlink's Router.sol contract's ccipSend() was called.

Now, when SDLPoolCCIPController::ccipSend() is called by sending ether, as it is a payable function, the sent eth is added to the eth balance of the contract. But this external call, IRouterClient(this.getRouter())::ccipSend(), requires the exact msg.value which was sent to the SDLPoolCCIPController contract. We know external calls require gas to execute; this gas cost will be deducted from the contract's eth balance, so when IRouterClient(this.getRouter())::ccipSend() is called the router will get less ether than expected, which may revert the transaction if it is less than or equal to feeAmount in the router contract:

if (msg.value < feeTokenAmount) revert InsufficientFeeTokenAmount();

Impact

The whole transaction chain, i.e. sdlPoolCCIPController.ccipSend() -> IRouterClient(this.getRouter()).ccipSend(), will revert.

Tools Used

Manual analysis.

Recommendations

Add a receive() in the SDLPoolCCIPController.sol contract so that ether can be sent to it, which will cover gas fees.

Updates

Lead Judging Commences

0kage Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
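
A minimal value-flow model of the call chain discussed in this submission, added here as an illustration and not taken from the stake.link or Chainlink code bases; MockRouter, Forwarder and Bridge are hypothetical stand-ins. It shows that a payable function forwarding `{value: msg.value}` delivers the full amount without a receive(), because EVM gas is charged to the account that signed the transaction, not to the balance of the contract making the call.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.15;

// Added illustration: all three contracts are hypothetical stand-ins.

contract MockRouter {
    error InsufficientFeeTokenAmount();
    uint256 public immutable feeTokenAmount;
    uint256 public lastValue;

    constructor(uint256 _fee) { feeTokenAmount = _fee; }

    function ccipSend() external payable returns (bytes32) {
        // Same shape as the router check quoted in the submission.
        if (msg.value < feeTokenAmount) revert InsufficientFeeTokenAmount();
        lastValue = msg.value;
        return keccak256(abi.encode(msg.sender, msg.value));
    }
}

// Stand-in for the controller: payable entry point, no receive(), forwards msg.value.
contract Forwarder {
    MockRouter public immutable router;

    constructor(MockRouter _router) { router = _router; }

    function ccipSend() external payable returns (bytes32) {
        // Balance at entry already includes msg.value; record what was there before it.
        uint256 balanceBefore = address(this).balance - msg.value;
        bytes32 id = router.ccipSend{value: msg.value}();
        // Gas is paid by the transaction signer, so only msg.value left this contract.
        assert(address(this).balance == balanceBefore);
        return id;
    }
}

// Stand-in for the bridge: passes exactly `fees` down the chain.
contract Bridge {
    Forwarder public immutable forwarder;

    constructor(Forwarder _forwarder) { forwarder = _forwarder; }

    function send(uint256 fees) external payable returns (bytes32) {
        require(msg.value == fees, "fee mismatch");
        return forwarder.ccipSend{value: fees}();
    }
}
```

In a local EVM test environment, calling `Bridge.send{value: fee}(fee)` with `fee` equal to the router's `feeTokenAmount` succeeds, and `MockRouter.lastValue` equals `fee`.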
