Tadle

DeFiFoundry
27,750 USDC
Submission Details
Severity: medium
Invalid

Reentrancy and Conversion Issues in Native Token Withdrawals

Summary

The withdraw function in the TokenManager contract has two potential weaknesses in its native token withdrawal path: a reentrancy risk around the native token transfer, and reliance on the wrapped-to-native conversion completing correctly.

Vulnerability Details

// Unwrap the claimable amount from the wrapped native token into native tokens held by this contract.
IWrappedNativeToken(wrappedNativeToken).withdraw(claimAbleAmount);
// Forward the native tokens to the caller.
payable(msg.sender).transfer(claimAbleAmount);

The function depends on the external wrappedNativeToken::withdraw call to convert the wrapped tokens into native tokens. It then transfers claimAbleAmount of native tokens to the user without checking that the conversion succeeded or that it released the requested amount. If the conversion is incorrect, the user may receive an inaccurate amount of native tokens, which could result in financial discrepancies or losses for the users or the contract. Additionally, if the user (msg.sender) is a malicious contract, it could re-enter the withdraw function during the native token transfer call, which could lead to unauthorized multiple withdrawals or manipulation of the contract state.

Impact

  • Reentrancy Attack: Malicious contracts could exploit the timing of the native token transfer to make unauthorized multiple withdrawals or manipulate the contract state.

  • Incorrect Token Amount: If the conversion from wrapped to native tokens fails or is incorrect, users may receive an incorrect amount of native tokens, potentially leading to financial loss or inconsistencies.

Tools Used

Manual Code Review

Recommendations

  1. Implement Reentrancy Guard: Use the nonReentrant modifier to prevent reentrant calls and protect against unauthorized multiple withdrawals.

  2. Verify Conversion: Add checks and error handling so that the wrapped-to-native conversion is confirmed to have delivered the correct amount before any native tokens are transferred, and revert on any failure or discrepancy in the conversion.
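The two recommendations above, applied together in a minimal withdraw function. This is an added example, not Tadle's TokenManager code; the contract name, the claimable mapping and the error names are assumptions, and it assumes OpenZeppelin v5's ReentrancyGuard import path.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {ReentrancyGuard} from "@openzeppelin/contracts/utils/ReentrancyGuard.sol";

interface IWrappedNativeToken {
    function withdraw(uint256 amount) external;
}

// Hypothetical minimal contract for illustration only (not the project's TokenManager).
contract HardenedNativeWithdraw is ReentrancyGuard {
    address public immutable wrappedNativeToken;
    // Claimable native balances per user; assumed to be credited elsewhere.
    mapping(address => uint256) public claimable;

    error NothingToClaim();
    error UnwrapMismatch(uint256 expected, uint256 received);
    error NativeTransferFailed();

    constructor(address wrappedNativeToken_) {
        wrappedNativeToken = wrappedNativeToken_;
    }

    // Receives the native tokens released by the wrapper's withdraw().
    receive() external payable {}

    // Recommendation 1: nonReentrant blocks re-entry during the outgoing transfer.
    function withdrawNative() external nonReentrant {
        uint256 claimAbleAmount = claimable[msg.sender];
        if (claimAbleAmount == 0) revert NothingToClaim();

        // Checks-effects-interactions: clear the claim before any external call,
        // so even a re-entrant caller finds nothing left to withdraw.
        claimable[msg.sender] = 0;

        // Recommendation 2: confirm the unwrap delivered exactly the requested amount.
        uint256 balanceBefore = address(this).balance;
        IWrappedNativeToken(wrappedNativeToken).withdraw(claimAbleAmount);
        uint256 received = address(this).balance - balanceBefore;
        if (received != claimAbleAmount) revert UnwrapMismatch(claimAbleAmount, received);

        // Send with a checked low-level call rather than transfer() so a failed
        // send reverts explicitly instead of relying on the 2300 gas stipend.
        (bool ok, ) = payable(msg.sender).call{value: claimAbleAmount}("");
        if (!ok) revert NativeTransferFailed();
    }
}
```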

Updates

Lead Judging Commences

0xnevi Lead Judge
12 months ago
Submission Judgement Published
Invalidated
Reason: Too generic
