The send() function of the TempleGold.sol contract does not perform sufficient validation on the _fee parameter. This lack of validation allows malicious users to provide an insufficient fee, potentially leading to financial losses for the contract. The absence of a minimum fee check creates a vulnerability that can be exploited by sending minimal fees (e.g., 0 or 1 wei), causing the contract to subsidize the remaining cost.
The _fee parameter is passed to the _lzSend function without any validation to ensure it meets a minimum threshold. This allows users to set an arbitrarily low fee.
A malicious user can exploit this vulnerability by sending a minimal fee (e.g., 0 or 1 wei) when calling the send function. The contract will then deduct the remainder of the actual fee required for processing the message from its own balance, resulting in a financial loss.
The contract will incur additional costs to cover the fees that should have been paid by the user. Over time, this can lead to significant depletion of the contract's funds. Furthermore, if the contract's funds are exhausted, it may no longer be able to process messages at all.
Manual
It is recommended to validate that _fee meets a predefined minimum threshold before calling _lzSend.
Alternatively, determine a reasonable minimum fee based on the operational cost of processing a message (e.g., by quoting it on-chain) and refund any excess amount to the caller.
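The following is an added illustration of the recommended check and is not TempleGold's code. The unchecked `sendUnchecked` reproduces the pattern the finding describes, and `send` shows the hardened form: the required fee is quoted on-chain, a fee below it is rejected, and any surplus the caller attached is refunded. The base contract is a stand-in whose `_quote` and `_lzSend` signatures are modeled on LayerZero V2's `OAppSender` (an assumption; verify against the version the project pins), and the `InsufficientFee` error, function names and `FeeCheckedSender` contract are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Fee struct shaped like LayerZero V2's MessagingFee (assumption).
struct MessagingFee {
    uint256 nativeFee;
    uint256 lzTokenFee;
}

// Stand-in for OAppSender: only the two hooks the example needs.
// Signatures follow LayerZero V2's OAppSender (assumption, verify against the pinned version).
abstract contract OAppSenderLike {
    function _quote(uint32 _dstEid, bytes memory _message, bytes memory _options, bool _payInLzToken)
        internal view virtual returns (MessagingFee memory);

    function _lzSend(uint32 _dstEid, bytes memory _message, bytes memory _options,
        MessagingFee memory _fee, address _refundAddress) internal virtual;
}

contract FeeCheckedSender is OAppSenderLike {
    error InsufficientFee(uint256 supplied, uint256 required);
    error RefundFailed();

    // Pattern the finding describes: the caller-supplied fee is forwarded untouched,
    // so a 0 or 1 wei nativeFee is accepted and any shortfall is covered from the
    // contract's own balance.
    function sendUnchecked(uint32 _dstEid, bytes calldata _message, bytes calldata _options,
        MessagingFee calldata _fee) external payable {
        _lzSend(_dstEid, _message, _options, _fee, msg.sender);
    }

    // Hardened pattern: quote the real cost on-chain, refuse any fee below it,
    // require the caller to fund that fee with msg.value, and refund the surplus.
    function send(uint32 _dstEid, bytes calldata _message, bytes calldata _options,
        MessagingFee calldata _fee) external payable {
        // Minimum threshold derived from the actual cost of processing the message.
        MessagingFee memory required = _quote(_dstEid, _message, _options, false);
        if (_fee.nativeFee < required.nativeFee) {
            revert InsufficientFee(_fee.nativeFee, required.nativeFee);
        }
        // The user, not the contract, must supply the fee being forwarded.
        if (msg.value < _fee.nativeFee) {
            revert InsufficientFee(msg.value, _fee.nativeFee);
        }

        _lzSend(_dstEid, _message, _options, _fee, msg.sender);

        // Second option from the recommendation: return whatever the caller
        // attached above the fee that was actually forwarded.
        uint256 excess = msg.value - _fee.nativeFee;
        if (excess > 0) {
            (bool ok, ) = msg.sender.call{value: excess}("");
            if (!ok) revert RefundFailed();
        }
    }
}
```

The check against `_quote` is what closes the gap: a hard-coded minimum can drift below the real cost as gas prices and destination-chain settings change, whereas quoting at call time keeps the threshold tied to what the endpoint will actually charge. If the contract legitimately needs to sponsor part of the fee, make that explicit with a bounded allowance instead of letting an unchecked parameter decide how much of the balance is spent.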