MorpheusAI
Foundry
22,500 USDC
Submission Details
Severity: medium
Invalid

Mocks assume exactly the amount sent is received by the contract, causing some operations to revert

Summary

The test mocks assume that exactly the amount passed in is what the receiving contract is credited with. For a rebasing, share-based token such as stETH that assumption does not hold, so logic that relies on the encoded amount can revert.

Vulnerability Details

Here is the GatewayRouterMock::outboundTransfer():

// Gateway router mock from the test suite, shown here with comments added.
// The pragma version and the OpenZeppelin import path are assumptions; the
// original snippet only contains the function body.
pragma solidity ^0.8.0;

import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";

contract GatewayRouterMock {
    function outboundTransfer(
        address _token,
        address _to,
        uint256 _amount,
        uint256 _maxGas,
        uint256 _gasPriceBid,
        bytes calldata _data
    ) external payable returns (bytes memory) {
        // Pulls the nominal amount from the caller; the boolean returned by
        // transferFrom is not checked.
        IERC20(_token).transferFrom(msg.sender, _to, _amount);
        // Encodes the nominal _amount, not the balance actually credited to _to.
        return abi.encode(_token, _to, _amount, _maxGas, _gasPriceBid, _data);
    }
}

As you can see, it encodes _amount rather than the balance actually received, assuming the exact amount is what arrives. That assumption does not hold for stETH: balances are derived from shares, the share conversion rounds down, and daily rebases change every holder's balance (see the Lido integration guide on stETH share mechanics). The value the mock returns can therefore differ from what the destination really holds.

Impact

The mock reports the nominal _amount rather than the balance actually credited. With stETH the two can differ, so any test path that trusts the encoded amount to equal the contract's real balance can fail or revert, and the mock does not exercise the behaviour the production gateway would produce.

Recommendations

Use the same balance-before/after pattern that Distribution.sol already applies, so the mock reports the amount actually credited instead of the amount requested:

// https://docs.lido.fi/guides/lido-tokens-integration-guide/#steth-internals-share-mechanics
// Measure what was actually credited instead of trusting the caller's amount_.
uint256 balanceBefore_ = IERC20(depositToken).balanceOf(address(this));
IERC20(depositToken).safeTransferFrom(_msgSender(), address(this), amount_);
uint256 balanceAfter_ = IERC20(depositToken).balanceOf(address(this));
// amount_ now holds the real balance change, which for stETH can be 1-2 wei
// below the requested value.
amount_ = balanceAfter_ - balanceBefore_;

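The mismatch described in this finding, as an added example: a Python toy model of a share-based rebasing token written for this page (it is not Lido's code, not the MorpheusAI code, and the pool sizes, account names and rebase figure are constructed). It reproduces stETH's round-down share conversion, compares what a mock that encodes the nominal amount reports against what the balance-delta pattern from Distribution.sol measures, and then applies a rebase to show the credited balance moving again afterwards.

```python
# Constructed toy model of a share-based rebasing token (stETH-style); not Lido's
# or MorpheusAI's code. It shows why a gateway mock that encodes the caller's
# nominal amount can disagree with the balance actually credited, and why the
# balance-before/after pattern records the real figure.


class RebasingToken:
    """Balances are derived from shares: balance = shares * total_pooled / total_shares."""

    def __init__(self, total_pooled: int, total_shares: int) -> None:
        self.total_pooled = total_pooled      # wei backing all shares
        self.total_shares = total_shares
        self.shares: dict[str, int] = {}

    def mint_shares(self, who: str, amount: int) -> None:
        self.shares[who] = self.shares.get(who, 0) + amount

    def balance_of(self, who: str) -> int:
        # Integer division rounds down, like stETH's getPooledEthByShares.
        return self.shares.get(who, 0) * self.total_pooled // self.total_shares

    def shares_for(self, amount: int) -> int:
        # Also rounds down (like getSharesByPooledEth), so a transfer of
        # `amount` can move slightly fewer shares than `amount` is worth.
        return amount * self.total_shares // self.total_pooled

    def transfer(self, frm: str, to: str, amount: int) -> int:
        s = self.shares_for(amount)
        if self.shares.get(frm, 0) < s:
            raise ValueError("insufficient shares")
        self.shares[frm] -= s
        self.shares[to] = self.shares.get(to, 0) + s
        return s

    def rebase(self, new_total_pooled: int) -> None:
        # Daily oracle report: total pooled ether changes, every balance follows.
        self.total_pooled = new_total_pooled


def mock_outbound_transfer(token: RebasingToken, sender: str, to: str, amount: int) -> int:
    """Mirrors GatewayRouterMock.outboundTransfer: moves tokens, reports the nominal amount."""
    token.transfer(sender, to, amount)
    return amount


def measured_outbound_transfer(token: RebasingToken, sender: str, to: str, amount: int) -> int:
    """Balance-delta pattern: reports what the destination was actually credited."""
    before = token.balance_of(to)
    token.transfer(sender, to, amount)
    return token.balance_of(to) - before


def demo(amount: int = 1_000) -> dict:
    # Share rate slightly above 1:1, as after some positive rebases (constructed numbers).
    def fresh() -> RebasingToken:
        t = RebasingToken(total_pooled=1_000_000_003, total_shares=1_000_000_000)
        t.mint_shares("alice", 500_000_000)
        return t

    t1 = fresh()
    nominal = mock_outbound_transfer(t1, "alice", "bridge", amount)

    t2 = fresh()
    credited = measured_outbound_transfer(t2, "alice", "bridge", amount)
    t2.rebase(1_100_000_003)   # +10% rewards reported by the oracle
    after_rebase = t2.balance_of("bridge")

    return {"nominal": nominal, "credited": credited, "after_rebase": after_rebase}


if __name__ == "__main__":
    print(demo())   # nominal 1000, credited 999, after_rebase 1098
```

With these constructed pool figures the mock reports 1000 wei while the destination is credited 999, and after the rebase the same shares are worth 1098: only the balance delta captured at transfer time tells downstream code what actually arrived.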
Updates

Lead Judging Commences

inallhonesty Lead Judge over 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

GatewayRouterMock lacks some functionality

inallhonesty Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
