Tadle
DeFi
30,000 USDC
Submission Details
Severity: low
Invalid

`transfer` and `send` Calls Are No Longer Considered Secure

Summary

The audit has uncovered instances of the deprecated transfer method being used to send ETH within the TokenManager contract. This method is no longer considered best practice because it forwards a fixed gas stipend of 2300 gas, so the call fails if the gas costs of EVM operations are repriced or the recipient needs more than that stipend. The calls using transfer should be replaced with safer alternatives such as address.call{value: amount}("") or the sendValue function from the OpenZeppelin Address library, paired with reentrancy protection.

Vulnerability Details

Location: contracts/TokenManager.sol, Line 169

  • Code Snippet

payable(msg.sender).transfer(claimAbleAmount);

The use of transfer to send ETH is potentially problematic because of the limited gas stipend it forwards (2300 gas). If the gas costs of EVM operations are repriced, the receiving contract's receive or fallback function may no longer fit within that stipend, the call reverts, and the withdrawal becomes unreliable.

Impact

  • Execution Failures: The transfer may fail if the receiving contract requires more than 2300 gas to execute its fallback function.

  • Loss of Funds: Funds intended for specific operations may not be received if the transfer fails, resulting in lost or stranded funds.

  • Reentrancy Vulnerabilities: Not utilizing safe patterns like checks-effects-interactions can lead to vulnerabilities, particularly when forwarding more gas.

Tools Used

Manual Review

Recommendations

Update the code to use a safer alternative for sending ETH, such as address.call{value: amount}(""), and implement proper reentrancy guards.

  1. Replace transfer with call: Instead of the transfer method, use call to forward all available gas, and handle the return status accordingly.

    Revised Code:

    // Import OpenZeppelin's Address library at the top
    import "@openzeppelin/contracts/utils/Address.sol";
    // Line 169 revised
    Address.sendValue(payable(msg.sender), claimAbleAmount);
  2. Add Reentrancy Guard: Use the ReentrancyGuard from OpenZeppelin to protect functions that handle ETH transfers.

    Example:

    // Import OpenZeppelin's ReentrancyGuard
    import "@openzeppelin/contracts/security/ReentrancyGuard.sol";

    // Inherit ReentrancyGuard in your contract
    contract TokenManager is ..., ReentrancyGuard {
        // ...
        function withdraw(
            address _tokenAddress,
            TokenBalanceType _tokenBalanceType
        ) external nonReentrant whenNotPaused {
            // The rest of the function implementation remains the same
        }
        // ...
    }

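As an added illustration that is not part of this submission or the Tadle code base, the before-and-after pattern side by side in a minimal vault (VaultBefore, VaultAfter and LedgerReceiver are constructed names), together with a recipient contract whose receive() legitimately needs more than the 2300 gas stipend:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration, not Tadle code: a minimal ETH vault in the style of
// TokenManager.withdraw. Import paths are the OpenZeppelin v4 paths used above.
import "@openzeppelin/contracts/utils/Address.sol";
import "@openzeppelin/contracts/security/ReentrancyGuard.sol";

// Before: payout via transfer(), which forwards a fixed 2300 gas stipend. Any
// recipient whose receive() does more than emit/return (one SSTORE is ~20k gas)
// reverts, so the user's claim becomes unpayable.
contract VaultBefore {
    mapping(address => uint256) public claimable;

    function deposit() external payable { claimable[msg.sender] += msg.value; }

    function withdraw() external {
        uint256 amount = claimable[msg.sender];
        claimable[msg.sender] = 0;
        payable(msg.sender).transfer(amount); // reverts for LedgerReceiver below
    }
}

// After: checks-effects-interactions plus nonReentrant, then sendValue, which
// forwards all remaining gas and reverts if the low-level call fails.
contract VaultAfter is ReentrancyGuard {
    using Address for address payable;
    mapping(address => uint256) public claimable;

    function deposit() external payable { claimable[msg.sender] += msg.value; }

    function withdraw() external nonReentrant {
        uint256 amount = claimable[msg.sender];
        require(amount > 0, "nothing to claim");
        claimable[msg.sender] = 0;             // effect before interaction
        payable(msg.sender).sendValue(amount); // interaction last, all gas
    }
}

// A legitimate recipient (constructed) that records each payment in storage.
// Its receive() needs far more than 2300 gas, so VaultBefore.withdraw() fails
// for it while VaultAfter.withdraw() succeeds and re-entry is blocked.
contract LedgerReceiver {
    mapping(address => uint256) public receivedFrom;

    receive() external payable {
        receivedFrom[msg.sender] += msg.value;
    }
}
```

Deploying LedgerReceiver as the depositor against both vaults shows the failure mode described in the Impact section: the same withdrawal reverts on VaultBefore and succeeds on VaultAfter.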
Updates

Lead Judging Commences

0xnevi Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Known issue
Assigned finding tags:

[invalid] finding-TokenManager-withdraw-transfer-2300-gas

Invalid, known issues [Medium-2](https://github.com/Cyfrin/2024-08-tadle/issues/1)
