In the _deposit function, the amount credited for a deposit may not match the amount the contract actually receives from token.transferFrom, which could lead to a discrepancy between _streams[streamId].balance and the actual value transferred to the Flow contract.
The _deposit function can be seen at https://github.com/Cyfrin/2024-10-sablier/blob/main/src/SablierFlow.sol#L624
The amount added to _streams[streamId].balance is the amount intended to be deposited, but token.safeTransferFrom({ from: msg.sender, to: address(this), value: amount }); could send a different value with fee-on-transfer ("weird") tokens, so that transferAmount <= amount.
This could lead to accrued debt for the protocol and a DoS when a user intends to withdraw; for example, withdrawMax could fail, and the value obtained from the stream could always be smaller than the intended amount.
Manual Review
Check the amount actually received through transferFrom: read the token's balanceOf for the contract before the transfer and again after it, take the difference as the actual amount received, and add that to _streams[streamId].balance.
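The recommendation above, sketched as an added example that is not code from the Sablier repository or from the original submission. The contract, the IERC20Minimal interface, streamBalance, the function names and the errors are all hypothetical stand-ins. It assumes a single token that returns a bool from transferFrom, and it adds a reentrancy lock because a balance-delta measurement is only sound if no nested deposit can run inside the measured window.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Minimal interface so the example stands alone. Assumption: the token returns
// a bool; real code should keep using SafeERC20 as the page's snippet does.
interface IERC20Minimal {
    function balanceOf(address account) external view returns (uint256);
    function transferFrom(address from, address to, uint256 value) external returns (bool);
}

// Hypothetical simplified ledger, not SablierFlow itself.
contract StreamLedgerExample {
    IERC20Minimal public immutable token;
    mapping(uint256 => uint256) public streamBalance; // stands in for _streams[streamId].balance
    bool private locked;

    error TransferFailed();
    error NothingReceived();
    error Reentrancy();

    constructor(IERC20Minimal token_) {
        token = token_;
    }

    // Pattern the finding describes: credit the requested amount.
    function depositAsRequested(uint256 streamId, uint256 amount) external {
        streamBalance[streamId] += amount; // over-credits if the token keeps a fee
        if (!token.transferFrom(msg.sender, address(this), amount)) revert TransferFailed();
    }

    // Recommended pattern: credit only what actually arrived.
    function depositMeasured(uint256 streamId, uint256 amount) external returns (uint256 received) {
        // Lock so a token callback cannot nest a deposit inside the measured window.
        if (locked) revert Reentrancy();
        locked = true;

        uint256 balanceBefore = token.balanceOf(address(this));
        if (!token.transferFrom(msg.sender, address(this), amount)) revert TransferFailed();
        received = token.balanceOf(address(this)) - balanceBefore;
        if (received == 0) revert NothingReceived();

        streamBalance[streamId] += received;
        locked = false;
    }
}
```

With a token that keeps a fee, depositAsRequested leaves the sum of streamBalance above the contract's real token balance, while depositMeasured keeps the two equal.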