SablierFlow::depositViaBroker function will revert if brokerFee is set to zero
Summary
SablierFlow::depositViaBroker function will revert if brokerFee is set to zero because tokens like LEND will revert the transfer if the value is set to 0.
Vulnerability Details
The Broker struct contains two properties, the account (address of the broker, on which broker commission will be transferred) and the fee(%) of the broker. The brokerfeeAmount is calculated using Broker.fee. If the broker fee is set to 0, the resultant brokerFeeAmount will also be 0. In SablierFlow::_depositViaBroker function, the token transfer will fail if value is 0.
_streams[streamId].token.safeTransferFrom({ from: msg.sender, to: broker.account, value: brokerFeeAmount });
In Helpers::checkAndCalculateBrokerFee function, there is a check that validates the broker address must not be 0
But there is no check that Broker.fee must not be zero. Because this check is not implemented, that is why I assume that Broker.fee is expected to be zero in certain situations and here is the bug, in case of tokens like LEND, the function will revert.
Impact
One of the core deposit functions of the protocol will revert unexpectedly because of a missing require statement.
Tools Used
Manual review
Recommendations
In Helpers::checkAndCalculateBrokerFee function, a check must be implemented to validate the Broker.fee is not set to 0.
Lead Judging Commences
[INVALID] Some token revert on 0 transfer and the broker fee might be 0
Appeal created
[INVALID] Some token revert on 0 transfer and the broker fee might be 0
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.