Dria: Swan (NFT, Hardhat), 21,000 USDC
Submission Details
Severity: low
Invalid

unchecked-transfer in BuyerAgent.sol

Summary

BuyerAgent.withdraw() calls the ERC20 transfer() without checking its boolean return value, so a transfer that fails by returning false instead of reverting goes undetected.

Vulnerability Details

Location: BuyerAgent.withdraw() [L262-277]

```solidity
function withdraw(uint96 _amount) public onlyAuthorized {
    // ... checks ...
    swan.token().transfer(owner(), _amount); // return value not checked
}
```

The function does not inspect the boolean returned by token.transfer(). Some ERC20 tokens, ZRX among them, return false on failure instead of reverting, so with such a token withdraw() completes normally even though no tokens leave the contract.

Impact

High severity

  • A transfer that returns false is not detected, so withdraw() completes as if the tokens had moved

  • Any state updated around the transfer is committed even though the owner never receives the funds

  • The contract's internal accounting no longer matches its actual token balance

Tools Used

Manual code review

Slither (unchecked-transfer detector, Impact: High, Confidence: Medium):

ID-5: BuyerAgent.withdraw(uint96) ignores return value by swan.token().transfer(owner(),_amount)
contracts/swan/BuyerAgent.sol#L262-L277

Recommendations

Use OpenZeppelin's SafeERC20. safeTransfer() reverts when the token returns false or the call itself fails, and it also accepts tokens that return no value at all (USDT-style), which a plain IERC20.transfer() call would reject because the ABI decoder expects a bool. Apply the same change to any transferFrom() calls on the token.

```solidity
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import {Ownable} from "@openzeppelin/contracts/access/Ownable.sol";

contract BuyerAgent is Ownable {
    using SafeERC20 for IERC20;

    function withdraw(uint96 _amount) public onlyAuthorized {
        // ... checks ...
        // safeTransfer reverts if the token returns false or the call fails,
        // and tolerates tokens that return nothing
        swan.token().safeTransfer(owner(), _amount);
    }
}
```
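The following Foundry test reproduces the pattern described above and the recommended fix side by side. It is an added example and not code from the Swan repository: the two tokens, the two vaults, the credited amounts and the address names are all constructed for illustration, and it assumes OpenZeppelin Contracts v5 and forge-std are installed with their usual remappings. The first two tests show the ZRX-style false return that the report describes; the third goes beyond the report to the no-return-value case, which is the other reason SafeERC20 is the right wrapper.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example, not Swan/BuyerAgent code. Assumes OpenZeppelin Contracts v5 and
// forge-std are installed with their usual remappings; run with `forge test`.
import {Test} from "forge-std/Test.sol";
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";

/// Hypothetical ZRX-style token: transfer() signals failure by returning false.
contract FalseReturningToken {
    mapping(address => uint256) public balanceOf;
    function mint(address to, uint256 amount) external { balanceOf[to] += amount; }
    function transfer(address to, uint256 amount) external returns (bool) {
        if (balanceOf[msg.sender] < amount) return false; // no revert
        balanceOf[msg.sender] -= amount;
        balanceOf[to] += amount;
        return true;
    }
}

/// Hypothetical USDT-style token: transfer() reverts on failure but returns nothing.
contract NoReturnToken {
    mapping(address => uint256) public balanceOf;
    function mint(address to, uint256 amount) external { balanceOf[to] += amount; }
    function transfer(address to, uint256 amount) external {
        require(balanceOf[msg.sender] >= amount, "insufficient balance");
        balanceOf[msg.sender] -= amount;
        balanceOf[to] += amount;
    }
}

/// Shared skeleton: internal accounting is updated, then the token is paid out.
abstract contract VaultBase {
    IERC20 public immutable token;
    mapping(address => uint256) public credited;
    constructor(IERC20 token_, address user, uint256 credit) {
        token = token_;
        credited[user] = credit;
    }
    function withdraw(uint256 amount) external {
        credited[msg.sender] -= amount; // committed whether or not the payout succeeds
        _pay(msg.sender, amount);
    }
    function _pay(address to, uint256 amount) internal virtual;
}

/// Mirrors the reported pattern: the bool returned by transfer() is ignored.
contract UncheckedVault is VaultBase {
    constructor(IERC20 t, address u, uint256 c) VaultBase(t, u, c) {}
    function _pay(address to, uint256 amount) internal override { token.transfer(to, amount); }
}

/// Recommended fix: SafeERC20 reverts on false and tolerates a missing return value.
contract SafeVault is VaultBase {
    using SafeERC20 for IERC20;
    constructor(IERC20 t, address u, uint256 c) VaultBase(t, u, c) {}
    function _pay(address to, uint256 amount) internal override { token.safeTransfer(to, amount); }
}

contract UncheckedTransferTest is Test {
    address alice = makeAddr("alice");

    // Constructed scenario: alice is credited 100 but the vault only holds 50 tokens.
    function test_uncheckedVaultZeroesCreditWithoutPaying() public {
        FalseReturningToken t = new FalseReturningToken();
        UncheckedVault v = new UncheckedVault(IERC20(address(t)), alice, 100);
        t.mint(address(v), 50);
        vm.prank(alice);
        v.withdraw(100); // succeeds: transfer() returned false and nothing checked it
        assertEq(v.credited(alice), 0); // accounting says alice was paid out
        assertEq(t.balanceOf(alice), 0); // but no tokens moved
    }

    function test_safeVaultRevertsAndKeepsCredit() public {
        FalseReturningToken t = new FalseReturningToken();
        SafeVault v = new SafeVault(IERC20(address(t)), alice, 100);
        t.mint(address(v), 50);
        vm.expectRevert(); // SafeERC20FailedOperation(address) in OpenZeppelin v5
        vm.prank(alice);
        v.withdraw(100);
        assertEq(v.credited(alice), 100); // the revert rolled the accounting back
    }

    function test_noReturnTokenNeedsSafeERC20() public {
        NoReturnToken t = new NoReturnToken();
        UncheckedVault u = new UncheckedVault(IERC20(address(t)), alice, 100);
        SafeVault s = new SafeVault(IERC20(address(t)), alice, 100);
        t.mint(address(u), 100);
        t.mint(address(s), 100);
        vm.expectRevert(); // IERC20.transfer expects a bool the token never returns
        vm.prank(alice);
        u.withdraw(100);
        vm.prank(alice);
        s.withdraw(100); // SafeERC20 accepts empty return data as success
        assertEq(t.balanceOf(alice), 100);
    }
}
```

The vault's `credited` mapping stands in for whatever state a real withdraw path updates around the transfer; the point of the first test is that this state is committed while the token balance is untouched, which is exactly the accounting mismatch the report describes. Whether this matters for BuyerAgent depends on which token Swan is configured with, which is why the judges filed it under the known unsafe-transfer finding rather than as a separate issue.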
Updates

Lead Judging Commences

inallhonesty Lead Judge 12 months ago
Submission Judgement Published
Invalidated
Reason: Lack of quality
Assigned finding tags:

[KNOWN] - Low-35 Unsafe use of transfer()/transferFrom() with IERC20
