Tadle

DeFi
30,000 USDC
Submission Details
Severity: low
Invalid

Excess ETH Sent by User is Not Handled in `tillIn` Function

Github

  • https://github.com/Cyfrin/2024-08-tadle/blob/04fd8634701697184a3f3a5558b41c109866e5f8/src/core/TokenManager.sol#L56

Summary

The `tillIn` function in the `TokenManager` contract does not refund excess Ether when a user sends more than the specified `_amount`; the surplus stays in the contract. This can cause unintended financial loss for users, which is a significant usability issue and may damage trust in the contract's operations.

Vulnerability Details

The `tillIn` function reverts if `msg.value` is less than the required `_amount`, but contains no logic for the case where `msg.value` exceeds `_amount`. The check is one-sided: any call that sends at least `_amount` succeeds, and the difference is not refunded, so a user who accidentally sends more Ether than required loses the surplus.

For example, if `_amount` is 1 ETH and `msg.value` is 2 ETH, the call succeeds and the contract keeps the extra 1 ETH without refunding it. Users who overpay by mistake or through a misunderstanding of the interface lose that surplus, which could damage trust in the contract.

Impact

This issue is significant because it can lead to unintentional financial loss for users. While it may not be a critical security vulnerability, it is a serious usability issue that can cause frustration and loss of trust in the contract's operations.

Tools Used

Manual Review

Recommendations

Refund any Ether sent in excess of `_amount` to the caller, or reject the call unless `msg.value == _amount`, so that users cannot lose funds through accidental overpayment.
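The following contract is an added illustration and is not taken from Tadle's `TokenManager`. It places the one-sided sufficiency check described in this finding next to the two fixes suggested above: an exact-amount check and a refund of the surplus. The function names, the `balance` mapping and the custom errors are assumptions made for the example; only the `msg.value < _amount` check mirrors the finding's description.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Illustrative example only; not the Tadle code base. Storage layout and
/// error names are assumed for the demonstration.
contract TillInExample {
    mapping(address => uint256) public balance;

    error InsufficientValue(uint256 sent, uint256 required);
    error ValueMismatch(uint256 sent, uint256 required);
    error RefundFailed();

    // Before: reproduces the sufficiency check described in the finding.
    // Sending more than `_amount` succeeds and the surplus stays in the
    // contract; nothing records it for the caller.
    function tillInBefore(uint256 _amount) external payable {
        if (msg.value < _amount) revert InsufficientValue(msg.value, _amount);
        balance[msg.sender] += _amount;
    }

    // Fix A: require the exact amount. No value leaves the contract, so no
    // external call and no reentrancy surface is added.
    function tillInExact(uint256 _amount) external payable {
        if (msg.value != _amount) revert ValueMismatch(msg.value, _amount);
        balance[msg.sender] += _amount;
    }

    // Fix B: accept the overpayment and return the surplus. State is updated
    // before the external call (checks-effects-interactions) and the result
    // of call() is checked so a failed refund reverts the whole deposit.
    function tillInRefund(uint256 _amount) external payable {
        if (msg.value < _amount) revert InsufficientValue(msg.value, _amount);
        balance[msg.sender] += _amount;
        uint256 excess = msg.value - _amount;
        if (excess > 0) {
            (bool ok, ) = msg.sender.call{value: excess}("");
            if (!ok) revert RefundFailed();
        }
    }
}
```

The exact-amount variant is the cheaper fix and adds no external call. The refund variant sends value back to `msg.sender` with `call`, so a caller contract that cannot receive Ether makes its own deposit revert rather than silently forfeiting the surplus; because `balance` is updated before the call, a reentering caller sees consistent state.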

Updates

Lead Judging Commences

0xnevi Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Known issue
Assigned finding tags:

[invalid] finding-TokenManager-tillin-excess

Invalid, these are by default invalid based on CodeHawks [general guidelines](https://docs.codehawks.com/hawks-auditors/how-to-determine-a-finding-validity#findings-that-may-be-invalid). The check implemented is simply a sufficiency check; it is the user's responsibility to only send an appropriate amount of native tokens, where `amount == msg.value`, when the native token is intended to be used as collateral (which will subsequently be deposited as wrapped token). All excess ETH can be rescued using the `Rescuable.sol` contract.

> Users sending ETH/native tokens
> If contracts allow users to send tokens accidentally.
