Missing Token Balance Check in collectProtocolRevenue Function
Summary
The collectProtocolRevenue function in the provided Solidity code does not check the amount of tokens left in the contract before making a withdrawal. This oversight can lead to failed transactions and potential loss of funds.
Vulnerability Details
-
Function:
collectProtocolRevenue -
Issue: The function does not verify the contract’s token balance before attempting to transfer the protocol revenue. If the contract’s balance is insufficient, the transfer will fail.
function collectProtocolRevenue(IERC20 token, address to) external override onlyAdmin {uint128 revenue = protocolRevenue[token];// Check: there is protocol revenue to collect.if (revenue == 0) {revert Errors.SablierFlowBase_NoProtocolRevenue(address(token));}// Effect: reset the protocol revenue.protocolRevenue[token] = 0;unchecked {// Effect: update the aggregate balance.aggregateBalance[token] -= revenue;}// Interaction: transfer the protocol revenue to the provided address.token.safeTransfer({ to: to, value: revenue });emit ISablierFlowBase.CollectProtocolRevenue({ admin: msg.sender, token: token, to: to, revenue: revenue });}}
Impact
Failed Transactions: If the contract does not have enough tokens to cover the
revenueamount, the transfer will fail, leading to failed transactions.
Tools Used
manual review
Recommendations
Add a check to verify that the contract has sufficient tokens to cover the revenue amount before attempting the transfer.
}
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.