Tadle

DeFi
30,000 USDC
Submission Details
Severity: low
Invalid

Unsafe ERC20 Operations should not be used - Found in src/core/TokenManager.sol

Summary

The audit has identified unsafe ERC20 operation practices within the TokenManager.sol contract, where standard ERC20 functions are used directly without proper handling of potential failures. This is found on two specific lines of code that do not validate return values or handle possible transfer rejections adequately, thereby posing significant risks to the contract's integrity and security.

Vulnerability Details

Unsafe Transfer to Sender

  • Location: src/core/TokenManager.sol, Line 169
    Code: payable(msg.sender).transfer(claimAbleAmount);

  • Issue: This direct transfer method does not handle potential failures properly. If transfer fails (e.g., due to the gas limit constraints of 2300 inherent to transfer), the contract will not properly mitigate these issues, potentially leaving the contract in an inconsistent state or causing loss of funds.

Unsafe Approval Handling

  • Location: src/core/TokenManager.sol, Line 247
    Code: ICapitalPool(_capitalPoolAddr).approve(address(this));

  • Issue: The success of the approve call is not checked, which may result in assumptions that are incorrect regarding the current approval status. This can potentially lead to failed or unintended token movements which compromise the intended contract logic and security.

Impact

The identified issues can result in:

  • Potential loss of funds if transfers fail without being detected.

  • Erroneous contract behaviors due to unchecked approval statuses.

  • Inconsistent contract states that increase vulnerability to further exploits.

Tools Used

Manual Code Review

Recommendations

To address these issues, it is highly recommended to utilize OpenZeppelin's SafeERC20 library which ensures that ERC20 operations (transfer, approve) are safely executed and automatically handle any failure states.

Specific Recommendations:

  1. Replace Direct Transfers with Safe Methods:

    (bool success, ) = payable(msg.sender).call{value: claimAbleAmount}("");
    require(success, "Transfer failed.");
  2. Use Safe Approval Methods Provided by SafeERC20:

    SafeERC20.safeApprove(IERC20(_tokenAddress), address(this), _amount);
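
The transfer-versus-call recommendation above, as an added example that is not Tadle's code and not part of the submission. The contract NativeWithdrawExample, its claimable mapping, deposit function and error names are hypothetical; it shows the flagged pattern next to the checked call, together with the state ordering and reentrancy lock that forwarding all gas makes necessary.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration; NOT Tadle's TokenManager. All names here are hypothetical.
contract NativeWithdrawExample {
    mapping(address => uint256) public claimable; // wei owed to each account
    bool private locked;                          // minimal reentrancy lock

    error NothingToClaim();
    error NativeTransferFailed();
    error Reentrancy();

    modifier nonReentrant() {
        if (locked) revert Reentrancy();
        locked = true;
        _;
        locked = false;
    }

    function deposit() external payable {
        claimable[msg.sender] += msg.value;
    }

    // Pattern flagged in the finding: transfer() forwards only a 2300-gas
    // stipend, so a recipient contract whose receive() needs more gas makes
    // the whole withdrawal revert and the funds stay stuck in this contract.
    function withdrawWithTransfer() external {
        uint256 claimAbleAmount = claimable[msg.sender];
        if (claimAbleAmount == 0) revert NothingToClaim();
        claimable[msg.sender] = 0;
        payable(msg.sender).transfer(claimAbleAmount);
    }

    // Recommended form: call forwards the remaining gas and returns a bool
    // that must be checked. The recipient now has enough gas to call back in,
    // so the balance is zeroed before the call (checks-effects-interactions)
    // and the function carries a reentrancy lock.
    function withdrawWithCall() external nonReentrant {
        uint256 claimAbleAmount = claimable[msg.sender];
        if (claimAbleAmount == 0) revert NothingToClaim();
        claimable[msg.sender] = 0; // effect before interaction
        (bool success, ) = payable(msg.sender).call{value: claimAbleAmount}("");
        if (!success) revert NativeTransferFailed(); // revert restores the balance
    }
}
```
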
Updates

Lead Judging Commences

0xnevi Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Known issue
Assigned finding tags:

[invalid] finding-TokenManager-withdraw-transfer-2300-gas

Invalid, known issues [Medium-2](https://github.com/Cyfrin/2024-08-tadle/issues/1)
