The MigrationFacet.sol contract has been identified with a potential vulnerability related to locked Ether. The contract contains a payable function (mowAndMigrate) without a corresponding withdrawal mechanism, leading to a risk of permanently locking any Ether sent to the contract.
The vulnerable contract's mowAndMigrate function is designed to handle migrations of deposits but lacks a proper withdrawal mechanism for any Ether sent to it. This violates best practices for secure contract design.
The impact of this vulnerability is the permanent loss of Ether sent to the contract through the mowAndMigrate function. Users sending Ether to this function risk having their funds irreversibly locked within the contract.
Manual review and slither.
To address this issue, it is recommended to implement a withdrawal mechanism within the MigrationFacet.sol contract, allowing users to retrieve any Ether sent to the contract.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.