First Flight #21: KittyFi

Submission Details
Severity: low
Invalid

Return value of `Withdraw()` is not checked.

Description:

Inside `KittyVault::purrrCollateralFromAave`, `i_aavePool.withdraw()` calls the Aave pool to send the user's collateral back to the vault, but it does not check the return value to see whether the call succeeded.

```solidity
function purrrCollateralFromAave(uint256 _ameowntToWhiskdraw) external onlyMeowntainer {
    totalMeowllateralInVault += _ameowntToWhiskdraw;
@>  i_aavePool.withdraw( { asset: i_token, amount: _ameowntToWhiskdraw, to: address(this) } );
}
```

Impact:

If the call fails, the collateral does not get back to the specified vault, and users may end up losing their collateral.

Tools Used:

Manual Review.

Recommended Mitigation:

Revert the entire call if the withdraw call fails, by checking that the success return value of `i_aavePool.withdraw()` is true.

function purrrCollateralFromAave(uint256 _ameowntToWhiskdraw) external onlyMeowntainer {
totalMeowllateralInVault += _ameowntToWhiskdraw;
- i_aavePool.withdraw( { asset: i_token, amount: _ameowntToWhiskdraw, to: address(this) } );
+ (bool success,) = i_aavePool.withdraw( { asset: i_token, amount: _ameowntToWhiskdraw, to: address(this) } );
}
+ if(!success){
+ revert("Withdraw failed !")
+ }
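
Review bot: the added `if(!success)` block comes after the closing `}` of `purrrCollateralFromAave`, so it sits outside the function body and cannot compile there; move it inside the function, directly after the `withdraw` call, and end `revert("Withdraw failed !")` with a semicolon. The `(bool success,)` destructuring is the return shape of a low-level `.call`, whereas `i_aavePool.withdraw({...})` is an interface-typed call with named arguments, so check the declared return type of `withdraw` before destructuring it this way; a revert inside such a call already propagates to the caller. `totalMeowllateralInVault` is still incremented before the call, and moving that line after the check would keep the accounting update from preceding the result it depends on.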
Updates

Lead Judging Commences

shikhar229169 Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Appeal created

oxenzo Submitter
10 months ago
shikhar229169 Lead Judge
10 months ago
oxenzo Submitter
10 months ago
shikhar229169 Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
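
The return-value check this submission discusses, as an added example that is not part of the submission or the KittyFi code base. It assumes a hypothetical pool interface `IPoolLike` whose `withdraw` returns the amount actually sent; `MockPool`, `VaultSketch` and all other names are constructed for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical minimal pool interface (assumption: withdraw returns the amount sent).
interface IPoolLike {
    function withdraw(address asset, uint256 amount, address to) external returns (uint256);
}

// Constructed stand-in for a pool, so the vault below can be exercised locally.
contract MockPool is IPoolLike {
    uint256 public available; // constructed liquidity figure

    constructor(uint256 _available) { available = _available; }

    function withdraw(address, uint256 amount, address) external returns (uint256) {
        // A failing withdrawal reverts; through an interface-typed call the revert
        // propagates to the caller without any (bool success, ) handling.
        require(amount != 0, "zero amount");
        uint256 sent = amount > available ? available : amount; // may pay out less
        available -= sent;
        return sent;
    }
}

contract VaultSketch {
    error NotMaintainer();
    error WithdrawShortfall(uint256 requested, uint256 received);

    IPoolLike public immutable pool;
    address public immutable token;
    address public immutable maintainer;
    uint256 public totalCollateralInVault;

    constructor(IPoolLike _pool, address _token) {
        pool = _pool;
        token = _token;
        maintainer = msg.sender;
    }

    function pullCollateralFromPool(uint256 amount) external {
        if (msg.sender != maintainer) revert NotMaintainer();
        // External call first, then compare the returned amount with the request.
        uint256 received = pool.withdraw({asset: token, amount: amount, to: address(this)});
        if (received != amount) revert WithdrawShortfall(amount, received);
        totalCollateralInVault += amount; // accounting only after the check passes
    }
}
```

Deploying `MockPool` with less liquidity than the requested amount makes `pullCollateralFromPool` revert with `WithdrawShortfall`, leaving `totalCollateralInVault` unchanged.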
