PipelineConvertFacet
introduces the generalized convert. However, it uses unsafe transfer functions to make transfers from Beanstalk to Pipeline and vice-versa.
The 1st problem with this approach is that Beanstalk does not verify the result of the transfer call, which can fail especially for tokens that do not revert on transfer like USDT.
The 2nd problem is that the Pipeline will not revert when the transfer returns false
as it only reverts in two situations: standard revert message or silent revert.
Notice that the PipelineConvertFacet
utilizes the fundsSafu
which will reduce the impact of the loss while the balance of tokens on beanstalk >= entitlements.
LibConvert -> executePipelineConvert:
LibConvert -> transferTokensFromPipeline:
User/Beanstalk can lose tokens when it fails from Pipeline -> Beanstalk.
Beanstalk can have a broken balance when it fails on Beanstalk -> Pipeline.
Manual Review
Replace transfer
with safeTransfer
from SafeERC20 from OZ, by doing this the transaction will revert whenever the transfer fails regardless of the token.
Invalid as per docs https://docs.codehawks.com/hawks-auditors/how-to-determine-a-finding-validity
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.