Unchecked Return Value of `transferAndCall` Function in `deposit` in `OperatorVault`
Summary
The deposit function calls IERC677(address(token)).transferAndCall(address(stakeController), _amount, "") without checking its return value. This could lead to undetected failures during the token transfer process, which may affect the integrity of the staking logic.
Vulnerability Details
In Solidity, functions such as transferAndCall may return a boolean indicating whether the transfer was successful or not. However, in the current implementation, the return value is not checked. If the transfer fails, this failure will go unnoticed, potentially leading to a situation where tokens are not properly transferred to the staking contract. This could result in inconsistencies in the vault's accounting system (trackedTotalDeposits), creating a scenario where the system believes the deposit was successful, even though it wasn't.
Impact
If the transferAndCall function fails and the error is not detected, it can lead to several issues:
Incorrect accounting of total deposits in the vault.
Potential loss of funds or staking benefits for users.
Unwanted discrepancies between the actual token balance and the vault’s internal records.
Security vulnerabilities if the failure is exploited by an attacker to bypass deposit logic.
Tools Used
Manual code inspection.
Recommendations
Verify the return value of
transferAndCallto ensure the transfer was successful.Implement error handling logic to revert the transaction if the token transfer fails, ensuring the integrity of the vault’s deposit system.
Example code:
This will ensure that if the transfer fails, the transaction reverts and no inconsistent state is left in the system.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.