The UnwrapAndSendETH contract is designed to unwrap WETH (Wrapped Ether) held by the contract and send the resulting ETH to a specified address. However, the function that does this has no access control, so any caller can direct the contract's entire ETH balance to a destination of their choosing.
In the unwrapAndSendETH function, the contract reads its own WETH balance, calls withdraw on the WETH contract for that full amount, and then forwards the resulting ETH to the caller-supplied address (to) with a low-level call. The weakness is not the use of call as such; it is that to is taken from the caller and msg.sender is never checked, so anyone can invoke the function and receive whatever WETH the contract holds at that moment.
(contracts/pipeline/junctions/UnwrapAndSendETH.sol#27-35)
This is a severe issue if the contract is expected to hold WETH at any point where an unrelated party can transact: whoever calls first drains the full balance, at the expense of the owner or of users who deposited WETH expecting it to be forwarded on their behalf. The impact is bounded by what actually sits in the contract between transactions; if WETH is only ever routed through the contract within a single transaction and never left behind, there is nothing for an attacker to take.
The vulnerability was identified using the Slither static analysis tool, specifically its "Functions that send Ether to arbitrary destinations" detector (arbitrary-send-eth). Slither flags the value transfer because the recipient is a caller-controlled address that is not constrained by any check; the finding was then confirmed by reading the function, since the detector alone does not tell you whether the contract ever holds funds worth draining.
To mitigate this vulnerability, add access control to the unwrapAndSendETH function: restrict msg.sender to an owner or to an explicit set of authorized callers, or constrain the recipient to a fixed or allow-listed address rather than an arbitrary to parameter. The check must be on the caller or the destination; checking that the WETH balance is non-zero, as the function already does, offers no protection.
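The following is an added example, not the project's own code: a reconstruction of the function as the finding describes it, beside a hardened variant that gates the caller and rejects a zero recipient. The IWETH interface, the constructor argument, the owner and authorizedCallers storage and the event names are all assumptions made for the illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Minimal WETH interface assumed for this example; the finding does not show the project's own.
interface IWETH {
    function balanceOf(address account) external view returns (uint256);
    function withdraw(uint256 amount) external;
}

// Shape of the junction as the finding describes it (reconstructed, not the original source):
// anyone may call unwrapAndSendETH(to) and receive the contract's entire WETH balance as ETH.
contract UnwrapAndSendETHOpen {
    address public immutable WETH;

    constructor(address weth) {
        WETH = weth;
    }

    // WETH.withdraw sends ETH back to this contract, so it must be able to receive it.
    receive() external payable {}

    function unwrapAndSendETH(address to) external {
        uint256 wethBalance = IWETH(WETH).balanceOf(address(this));
        require(wethBalance > 0, "Insufficient WETH");
        IWETH(WETH).withdraw(wethBalance);
        // Recipient is caller-controlled and msg.sender is never checked: this is the finding.
        (bool success, ) = to.call{value: address(this).balance}("");
        require(success, "ETH transfer failed");
    }
}

// Hardened variant (assumed design): only callers the owner has explicitly
// authorized may route funds, and the recipient may not be the zero address.
contract UnwrapAndSendETHGuarded {
    address public immutable WETH;
    address public owner;
    mapping(address => bool) public authorizedCallers;

    event CallerAuthorized(address indexed caller, bool allowed);
    event Unwrapped(address indexed caller, address indexed to, uint256 amount);

    modifier onlyOwner() {
        require(msg.sender == owner, "not owner");
        _;
    }

    modifier onlyAuthorized() {
        require(authorizedCallers[msg.sender], "not authorized");
        _;
    }

    constructor(address weth) {
        WETH = weth;
        owner = msg.sender;
    }

    receive() external payable {}

    function setAuthorizedCaller(address caller, bool allowed) external onlyOwner {
        authorizedCallers[caller] = allowed;
        emit CallerAuthorized(caller, allowed);
    }

    // Same unwrap-and-forward logic, but the caller must be on the allow list.
    function unwrapAndSendETH(address to) external onlyAuthorized {
        require(to != address(0), "zero recipient");
        uint256 wethBalance = IWETH(WETH).balanceOf(address(this));
        require(wethBalance > 0, "Insufficient WETH");
        IWETH(WETH).withdraw(wethBalance);
        uint256 amount = address(this).balance;
        (bool success, ) = to.call{value: amount}("");
        require(success, "ETH transfer failed");
        emit Unwrapped(msg.sender, to, amount);
    }
}
```

If the junction is meant to be invoked by another contract as one step of a longer call sequence, the authorized caller in the guarded variant would be that contract, and the real access decision moves up to wherever that contract checks who may start the sequence; the allow list here only prevents an arbitrary externally owned account from triggering the drain directly.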