TempleGold contract doesn't protect itself against potential third party failure
Summary
TempleGold uses LayerZero to send it's token cross-chain through its TempleGold::send function. It does this by burning the senders token on the source chain and minting thesame amount to the users address on the destination chain. The problem is that the function doesn't check if it's interaction with the external contract (LayerZero) is successful before ending the function. This means should anything happen to the middle man (LayerZero) that causes that destination chain not to receive the correct message or receive the message at all, the sending user might lose their tokens permanently.
Although LayerZero promises to guarantee safe cross-chain transaction for all it's partner protocols, it is recommended to always implement our own security measures on our end, as the cost of things going wrong is high: permanent loss of users assets.
Recommendations
Check for success state with after interacting with the external contract and revert if it fails before ending the function.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.