DeFiFoundry
60,000 USDC
Submission Details
Severity: medium
Invalid

Missing Input Validation in TradingAccount.withdrawMarginUsd Function

Summary

The withdrawMarginUsd function in the TradingAccount library does not validate the recipient address before transferring tokens. If the recipient address is the zero address (address(0)), the tokens will be irrecoverably lost.

Vulnerability Details

The withdrawMarginUsd function is responsible for withdrawing margin collateral from a trading account and transferring it to a specified recipient. However, it does not include a check to ensure that the recipient address is not the zero address:

IERC20(collateralType).safeTransfer(recipient, amountToTransfer);

If the recipient address is mistakenly or maliciously set to the zero address, the safeTransfer function will still execute, resulting in the tokens being sent to an unusable address, effectively removing them from circulation.

Impact

Users could lose their margin collateral if it is accidentally or intentionally sent to the zero address.

Tools Used

Manual code review

Recommendations

Add a require statement before the safeTransfer call to ensure that the recipient address is not the zero address:

require(recipient != address(0), "Invalid recipient address");
IERC20(collateralType).safeTransfer(recipient, amountToTransfer);
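
The recommended check, shown as a before/after pair. This is an added example, not code from the project or the submission: `PermissiveToken`, `MarginVault`, `fund`, `withdrawUnchecked`, `withdrawChecked` and the `ZeroRecipient` error are hypothetical names, and a plain `transfer` with a checked return value stands in for `safeTransfer` so the file compiles without external imports.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Constructed sample token: accepts address(0) as a recipient,
// which the ERC-20 interface itself does not forbid.
contract PermissiveToken {
    mapping(address => uint256) public balanceOf;

    function mint(address to, uint256 amount) external {
        balanceOf[to] += amount;
    }

    function transfer(address to, uint256 amount) external returns (bool) {
        balanceOf[msg.sender] -= amount; // checked arithmetic reverts on underflow
        balanceOf[to] += amount;         // address(0) is credited; nobody can spend it
        return true;
    }
}

// Hypothetical stand-in for the withdrawal path, not the TradingAccount library.
contract MarginVault {
    error ZeroRecipient();

    PermissiveToken public immutable collateral;
    mapping(address => uint256) public marginOf;

    constructor(PermissiveToken token) {
        collateral = token;
    }

    // Test-only funding helper: mints collateral to the vault and credits the caller.
    function fund(uint256 amount) external {
        collateral.mint(address(this), amount);
        marginOf[msg.sender] += amount;
    }

    // Before: no recipient validation, so address(0) receives the tokens.
    function withdrawUnchecked(address recipient, uint256 amount) external {
        marginOf[msg.sender] -= amount;
        require(collateral.transfer(recipient, amount), "transfer failed");
    }

    // After: reject address(0) before any state change or token movement.
    function withdrawChecked(address recipient, uint256 amount) external {
        if (recipient == address(0)) revert ZeroRecipient();
        marginOf[msg.sender] -= amount;
        require(collateral.transfer(recipient, amount), "transfer failed");
    }
}
```

With this constructed token, `withdrawUnchecked(address(0), amount)` succeeds and leaves the balance credited to `address(0)`, while `withdrawChecked` reverts with `ZeroRecipient` and leaves `marginOf` unchanged.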

Updates

Lead Judging Commences

inallhonesty Lead Judge 11 months ago
inallhonesty Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Too generic
