Tadle

DeFiFoundry
27,750 USDC
Submission Details
Severity: low
Invalid

Using `payable.transfer()` may make it impossible to withdraw ETH.

Summary

The transfer() function in Solidity is limited to 2300 gas, which can be insufficient if the receiving contract's fallback or receive function involves more complex logic. This can lead to the transaction reverting if the gas limit is exceeded.

Vulnerability Details

The protocol uses Solidity's transfer() function to transfer ETH to recipients here. However, this method has significant limitations when the recipient is a smart contract, as it can make transferring ETH impossible. The transfer will fail if the smart contract:

  • does not implement a payable fallback function.

  • implements a payable fallback function that would consume more than 2300 gas units.

  • implements a payable fallback function incurring less than 2300 gas units but is called through a proxy that raises the call’s gas usage above 2300.

Impact

Funds get stuck

Tools Used

Manual

Recommendations

File: TokenManager.sol
function withdraw(
address _tokenAddress,
TokenBalanceType _tokenBalanceType
) external whenNotPaused {
...
- payable(msg.sender).transfer(claimAbleAmount);
+ (bool success, ) = payable(msg.sender).call{value: claimAbleAmount}("");
+ require(success, " Transfer of ETH Failed");
...
}
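
Review bot: the added `.call{value: claimAbleAmount}("")` line forwards all remaining gas to `msg.sender`, where the removed `transfer()` capped it at 2300, so the recipient can now run arbitrary code and re-enter `withdraw` during the payout. The visible signature carries only `whenNotPaused`, and the elided `...` lines do not show whether the claimable balance is cleared before the call; confirm the balance is zeroed first (checks-effects-interactions) or add a reentrancy guard alongside this change. Minor: the revert string `" Transfer of ETH Failed"` has a leading space.
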
Updates

Lead Judging Commences

0xnevi Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Known issue
Assigned finding tags:

[invalid] finding-TokenManager-withdraw-transfer-2300-gas

Invalid, known issues [Medium-2](https://github.com/Cyfrin/2024-08-tadle/issues/1)
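
The 2300-gas failure mode described under Vulnerability Details, as an added example that is not part of the original submission or the Tadle code base. `CountingWallet` and `MiniVault` are hypothetical contracts: the wallet's `receive()` performs one storage write, which is enough to make a `transfer()` payout revert while the same payout through `call` succeeds.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration; contract and function names are hypothetical, not Tadle code.

/// Recipient whose receive() writes to storage. A single SSTORE costs far more
/// than the 2300-gas stipend that transfer() forwards.
contract CountingWallet {
    uint256 public deposits;

    receive() external payable {
        deposits += 1; // storage write: exceeds the stipend, so transfer() reverts
    }

    /// Asks the vault to pay this contract, through either payout style.
    function pull(MiniVault vault, bool useCall) external {
        if (useCall) vault.withdrawWithCall();
        else vault.withdrawWithTransfer();
    }
}

/// Minimal vault exposing both payout styles for the same balance.
contract MiniVault {
    mapping(address => uint256) public claimable;

    function deposit(address beneficiary) external payable {
        claimable[beneficiary] += msg.value;
    }

    /// Reverts for CountingWallet: the callee runs out of gas inside receive(),
    /// the whole transaction is rolled back and the balance stays locked.
    function withdrawWithTransfer() external {
        uint256 amount = claimable[msg.sender];
        claimable[msg.sender] = 0;
        payable(msg.sender).transfer(amount);
    }

    /// Succeeds for CountingWallet: call forwards the remaining gas.
    /// The balance is zeroed before the external call because the recipient
    /// can now execute arbitrary code, including calling back into the vault.
    function withdrawWithCall() external {
        uint256 amount = claimable[msg.sender];
        claimable[msg.sender] = 0;
        (bool success, ) = payable(msg.sender).call{value: amount}("");
        require(success, "ETH transfer failed");
    }
}
```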
