## Summary
`TempleGold.send()` forwards the caller-supplied `MessagingFee _fee` to LayerZero without verifying that the caller actually paid that fee in the form the struct claims (native `msg.value` vs. `$ZRO`), and it never pulls the `$ZRO` portion from the caller.
## Vulnerability Details
- The LayerZero endpoint lets an OApp pay the messaging (gas) fee of a bridging call either in the chain's native token or in `$ZRO`, the LayerZero protocol token. The split between the two is expressed by the `MessagingFee` struct shown below.
- `TempleGold.send()` takes `MessagingFee _fee` from the caller and passes it straight to `_lzSend`. Nothing in `send()` reconciles that struct with what the caller actually provided: a caller can attach native value (`msg.value > 0`) while passing `_fee.nativeFee == 0` and `_fee.lzTokenFee > 0`, and no `$ZRO` is ever transferred from the caller to cover `_fee.lzTokenFee`.
```solidity
struct MessagingFee {
    uint nativeFee;  // fee amount in the chain's native gas token
    uint lzTokenFee; // fee amount in $ZRO
}
```
```solidity
function send(
    SendParam calldata _sendParam,
    MessagingFee calldata _fee,      // supplied by the caller, never reconciled with msg.value or $ZRO received
    address _refundAddress
)
    external
    payable
    virtual
    override(IOFT, OFTCore)
    returns (MessagingReceipt memory msgReceipt, OFTReceipt memory oftReceipt)
{
    //...
    // _fee is forwarded as-is; lzTokenFee > 0 is paid from whatever $ZRO the contract already holds
    msgReceipt = _lzSend(
        _sendParam.dstEid,
        message,
        options,
        _fee,
        _refundAddress
    );
    //...
}
```
## Impact
Because `_fee.lzTokenFee` is forwarded without any `$ZRO` being collected from the caller, the `$ZRO` that ends up paying the fee is whatever balance the `TempleGold` contract itself holds. A malicious user can therefore set `_fee.lzTokenFee` to the quoted amount and have the contract's `$ZRO` pay for their bridging call, repeating this until that balance is exhausted, since there is no mechanism to pull these fees from the user before sending.
## Tools Used
Manual Review.
## Recommendations
- Update `TempleGold.send()` so that the caller's payment is reconciled with `_fee` before `_lzSend` is called:
  - if the user chooses to pay in native tokens, require `_fee.nativeFee == msg.value` and `_fee.lzTokenFee == 0`;
  - if the user chooses to pay in `$ZRO`, require `_fee.nativeFee == 0` (and `msg.value == 0`), pull the `$ZRO` from the user into the `TempleGold` contract, and require that the amount actually received equals `_fee.lzTokenFee` before sending.
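One way to implement both checks, as an added example that is not TempleGold's own code: override the `_lzSend` hook that `send()` calls (the LayerZero V2 `OAppSender` internal function) to reject mixed or mismatched fee modes and to pull `$ZRO` from the caller before the base implementation pays the endpoint. Import paths, the `FeeCheckedOFT` contract name and the `FeeMismatch` error are assumptions for illustration; `endpoint.lzToken()` is the LayerZero V2 endpoint getter for the `$ZRO` address.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.22;

// Added example, not TempleGold's own code. Import paths assume the LayerZero V2
// OApp package (@layerzerolabs/lz-evm-oapp-v2 / lz-evm-protocol-v2) and OpenZeppelin v5.
import { OFT } from "@layerzerolabs/lz-evm-oapp-v2/contracts/oft/OFT.sol";
import { MessagingFee, MessagingReceipt } from "@layerzerolabs/lz-evm-protocol-v2/contracts/interfaces/ILayerZeroEndpointV2.sol";
import { Ownable } from "@openzeppelin/contracts/access/Ownable.sol";
import { IERC20 } from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import { SafeERC20 } from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";

contract FeeCheckedOFT is OFT {
    using SafeERC20 for IERC20;

    // Hypothetical errors for this example.
    error FeeMismatch(uint256 nativeFee, uint256 lzTokenFee, uint256 msgValue);
    error LzTokenUnavailable();

    constructor(string memory _name, string memory _symbol, address _lzEndpoint, address _delegate)
        OFT(_name, _symbol, _lzEndpoint, _delegate)
        Ownable(_delegate)
    {}

    // send() (inherited from OFTCore) ends up here with the caller's _fee.
    // msg.sender is still the external caller because the call chain is internal.
    function _lzSend(
        uint32 _dstEid,
        bytes memory _message,
        bytes memory _options,
        MessagingFee memory _fee,
        address _refundAddress
    ) internal virtual override returns (MessagingReceipt memory) {
        if (_fee.lzTokenFee == 0) {
            // Native mode: the attached value must be exactly the quoted native fee.
            if (msg.value != _fee.nativeFee) {
                revert FeeMismatch(_fee.nativeFee, 0, msg.value);
            }
        } else {
            // $ZRO mode: no native fee and no attached value allowed.
            if (_fee.nativeFee != 0 || msg.value != 0) {
                revert FeeMismatch(_fee.nativeFee, _fee.lzTokenFee, msg.value);
            }
            address lzToken = endpoint.lzToken();
            if (lzToken == address(0)) revert LzTokenUnavailable();

            // Pull exactly lzTokenFee of $ZRO from the caller into this contract and
            // verify the received amount, so the fee is never paid from a pre-existing balance.
            uint256 before = IERC20(lzToken).balanceOf(address(this));
            IERC20(lzToken).safeTransferFrom(msg.sender, address(this), _fee.lzTokenFee);
            uint256 received = IERC20(lzToken).balanceOf(address(this)) - before;
            if (received != _fee.lzTokenFee) {
                revert FeeMismatch(_fee.nativeFee, _fee.lzTokenFee, received);
            }
        }
        // Base implementation forwards msg.value and transfers lzTokenFee of $ZRO
        // from this contract to the endpoint.
        return super._lzSend(_dstEid, _message, _options, _fee, _refundAddress);
    }
}
```

The `balanceOf` check around `safeTransferFrom` is what makes "received `$ZRO` equals `_fee.lzTokenFee`" hold even for fee-on-transfer tokens; if the inherited `_payNative` already rejects a mismatched `msg.value`, the native branch is redundant but harmless, and the `$ZRO` branch is the part this finding requires. Callers paying in `$ZRO` must approve the contract for `_fee.lzTokenFee` first, and any excess the endpoint refunds goes to `_refundAddress` as before.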