Sablier

DeFiFoundry

53,440 USDC

View results

Previous Next

Submission Details

Severity: medium

Invalid

ERC20 Tokens implementing Dividends will lead to loss of funds

tom2o17

Summary

Tokens with dividend payouts on `transfer(address,uint256)` will lead to loss funds

POC use as asset: eth:0xbed85cf4c249bd5fc187af600d652dd2beefddea as token

eg:
eth:0xde84a421726fe25ff5795e76de0b88af5eaddc7ed0c72f6b003466a29f8b852f

In addition, if a Token has an ETH/native gas dividend payout all transfers may revert

├─ [51] 0xB10daee1FCF62243aE27776D7a92D39dC8740f95::fallback{value: 100000000000000000}()

│ └─ ← "EvmError: Revert"

└─ ← ()

Mitigation:

Implement rescue function if both sender, admin && recipient agree to recover funds

Make contract have a payable fallback so if someone integrates a token which pays gas, does not revert on transfer.

Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 year ago

Submission Judgement Published

Invalidated

Reason: Known issue

Prize pool breakdown

Total prize

53,440 USDC

nSLOC

2,655

20 USDC / LOC

High Medium

45,000 USDC

Low

3,100 USDC

Judges

5,340 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.