Flow
Sablier
FoundryDeFi
20,000 USDC
View results
Previous Next
Submission Details
Severity: high
Invalid

Non-Existent Stream Deposit Vulnerability

juggernaut63

Summary

The SablierFlow contract lacks validation to ensure that a streamId exists before allowing deposits. This can lead to deposits being made to non-existent streams, resulting in lost funds.

Vulnerability Details

The vulnerability arises from the absence of a check to verify the existence of a streamId in the _streams mapping before allowing deposits. This allows deposits to be made to streams that have not been initialized.

function _deposit(uint256 streamId, uint128 amount) internal {
@=> // Missing validation for streamId existence
// Check: the deposit amount is not zero.
if (amount == 0) {
revert Errors.SablierFlow_DepositAmountZero(streamId);
}
IERC20 token = _streams[streamId].token;
// Effect: update the stream balance.
_streams[streamId].balance += amount;
unchecked {
// Effect: update the aggregate balance.
aggregateBalance[token] += amount;
}
// Interaction: transfer the amount.
token.safeTransferFrom({ from: msg.sender, to: address(this), value: amount });
// Log the deposit.
emit ISablierFlow.DepositFlowStream({ streamId: streamId, funder: msg.sender, amount: amount });
}

Impact

Deposits to non-existent streams result in funds being locked in the contract without any means of recovery.

Tools Used

Manual review

Recommendations

Add a validation check in the _deposit function to ensure that the streamId exists before proceeding with the deposit.

function _deposit(uint256 streamId, uint128 amount) internal {
// Check: ensure streamId exists in _streams.
+ if (_streams[streamId].token == address(0)) {
+ revert Errors.SablierFlow_StreamIdNotFound(streamId);
}
// Existing logic for deposit
...
}
Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.