Tadle

DeFiFoundry

27,750 USDC

View results

Previous Next

Submission Details

Severity: low

Invalid

it will be impossible to rescue funds

shealtielanz

Summary

Istanbul hard fork increases the gas cost of the SLOAD operation and therefore breaks some existing smart contracts.

In the file Rescueable.sol, the contract uses transfer() to send eth from the contract to the specified receiver in order to rescue funds from the contract

Use of transfer() might render ETH impossible to withdraw because, after Istanbul hard fork, there is an increase in the gas cost of the SLOAD operation and therefore breaks some existing smart contracts. Those contracts will break because their fallback functions used to consume less than 2300 gas, and they’ll now consume more, since 2300 is the amount of gas a contract’s fallback function receives if it’s called via Solidity’s transfer() or send() methods. Any smart contract that uses transfer() or send() is taking a hard dependency on gas costs by forwarding a fixed amount of gas: 2300.

Vulnerability Details

https://github.com/Cyfrin/2024-08-tadle/blob/04fd8634701697184a3f3a5558b41c109866e5f8/src/utils/Rescuable.sol#L70

/**

* @notice The caller must be the owner.

* @dev Rescues an account.

* @param to The address of the account to rescue.

* @param token The token to rescue. If 0, it is ether.

* @param amount The amount to rescue.

* @notice The caller must be the owner.

function rescue(

address to,

address token,

uint256 amount

) external onlyOwner {

if (token == address(0x0)) {

payable(to).transfer(amount);//@audit transfer only gives out 2300 gas which might not be enough when the hard fork is over.

} else {

_safe_transfer(token, to, amount);

}

emit Rescue(to, token, amount);

}

Impact

This will cause any ETH stuck in the contract to be lost forever.

Tools Used

Recommendations

Use call() instead transfer() to send Eth

Updates

Lead Judging Commences

0xnevi Lead Judge over 1 year ago

Submission Judgement Published

Invalidated

Reason: Known issue

Assigned finding tags:

[invalid] finding-TokenManager-withdraw-transfer-2300-gas

Invalid, known issues [Medium-2](https://github.com/Cyfrin/2024-08-tadle/issues/1)

Prize pool breakdown

Total prize

27,750 USDC

nSLOC

1,229

23 USDC / LOC

High Medium

25,000 USDC

Low

2,750 USDC

Judges

2,250 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!