The FjordAuction smart contract fails to check the return values of the transfer and transferFrom functions from the ERC20 standard. These functions return a boolean indicating the success or failure of the transfer. Failing to check these return values can lead to silent failures, where the contract behaves as though a transfer was successful even if it wasn't, potentially leading to significant security risks, such as loss of tokens, incorrect state updates, and inconsistencies.
https://github.com/Cyfrin/2024-08-fjord/blob/main/src/FjordAuction.sol#L143-L153
In this code, if the fjordPoints.transferFrom call fails (e.g., due to insufficient allowance or balance), the function will still proceed, recording the bid in the bids mapping and emitting the BidAdded event, even though the transfer did not actually occur.
A similar issue is observed in the unbid and claimTokens functions.
If a transfer fails, the contract will not detect it, leading to potential loss of funds, misallocation of auction tokens, and incorrect bid tracking.
Manual review
To mitigate this vulnerability, you should always check the return values of transfer and transferFrom calls and revert the transaction if the transfer fails.
Similarly, update the unbid and claimTokens functions.