Flow

Sablier

FoundryDeFi

20,000 USDC

View results

Previous Next

Submission Details

Severity: medium

Invalid

void function lacks a way for sender to withdraw funds if the recipient void the stream and the stream balance is greater than zero

cody

Summary

Vulnerability Details

https://github.com/Cyfrin/2024-10-sablier/blob/main/src/SablierFlow.sol#L728

this function handles the voiding of a stream by the sender of the stream or the recipient, but thia function lack a way to return remaining funds to the sender if stream is voided by recipient which can lead to lost of fund

because there is no return of funds to the sender when this function is called

Impact

The _void function does not ensure that funds are returned to the sender if the recipient calls it. While it includes checks and updates to the stream state, it lacks a mechanism to transfer remaining funds back to the sender which can lead to lost of fund

Tools Used

manaul

Recommendations

consider implementing a mechanism that allows the sender to reclaim their funds after voiding a stream

Updates

Lead Judging Commences

inallhonesty Lead Judge

8 months ago

inallhonesty Lead Judge 8 months ago

Submission Judgement Published

Invalidated

Reason: Incorrect statement

Prize pool breakdown

Total prize

20,000 USDC

nSLOC

699

29 USDC / LOC

High Medium

19,000 USDC

Low

1,000 USDC

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

View results

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.