TempleGold

TempleDAO

Foundry

25,000 USDC

View results

Previous Next

Submission Details

Severity: medium

Invalid

Missing gas check in the teleport function may result in temporary blocking of funds or reverted transaction

meeve

Summary

There is no checking on the provided value in the teleport function, which allows the user to provide any value.

Vulnerability Details

User should call quote to get recommended fee, and then provide required value while calling teleport function. But because that value is not checked anywhere it might lead to situation where user provides to low, or to big value. You will find more details in the links below.

Value is too low: https://docs.layerzero.network/v2/developers/evm/gas-settings/tx-pricing#message-execution-options

Value is too high: https://docs.layerzero.network/v2/developers/evm/gas-settings/options#add-options-types

Impact

The transaction might be reverted, or be stalled on the destination chain.

Tools Used

Manual Review

Recommendations

Layerzero documentation suggest to provide some gas buffer. More details can be found in provided links

Updates

Lead Judging Commences

inallhonesty Lead Judge

11 months ago

inallhonesty Lead Judge 11 months ago

Submission Judgement Published

Invalidated

Reason: Non-acceptable severity

Prize pool breakdown

Total prize

25,000 USDC

nSLOC

998

25 USDC / LOC

High Medium

20,000 USDC

Low

2,500 USDC

Judges

2,500 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.