Description:
The unstake
function in the contract currently uses the send
function to transfer ether to a specified address. The send function in Vyper is inherently limited as it only forwards a fixed gas stipend of 2300 gas to the recipient. This amount of gas is typically insufficient for anything beyond emitting an event in the recipient's contract. Additionally, the send function does not revert if the transfer fails; instead, it returns a boolean indicating success or failure. This makes error handling cumbersome and prone to being overlooked.
Impact:
The improper use of the send
function could lead to failed ether transfers when unstaking, particularly if the recipient's contract or address requires more than 2300 gas to execute its operations. Since the send
function does not revert on failure, the contract could enter an inconsistent state where the ether remains locked within the contract, leading to potential loss of funds or failed user
transactions.
Proof of Concept:
If the _to
parameter in the send function requires more than 2300 gas, the send
function will fail but not revert the transaction, thus leaving the contract in an unintended state.
Recommended Mitigation:
Replace the send
function with the raw_call
function, which allows for greater flexibility in gas allocation, thereby reducing the risk of transaction failures and ensuring the safe transfer of funds. You can read the documentation for more info. Vyper Docs
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.