Dria

Swan
NFT, Hardhat
21,000 USDC
Submission Details
Severity: low
Invalid

Return value of ERC20 `transfer`/`transferFrom` ignored in `Swan::purchase(address _asset)` and in several other places

Summary

In `Swan::purchase(address _asset)`, the `bool` return value of each ERC20 `transfer`/`transferFrom` call is discarded. Most tokens revert on failure, but the ERC20 standard also allows a token to report failure by returning `false` without reverting. Against such a token, a failed transfer (for instance because the buyer's balance or allowance is insufficient) leaves `purchase` completing normally: the call looks successful, yet the recipient never receives the tokens, so the contract's view of what was paid diverges from the real token balances.

Vulnerability Details

```solidity
function purchase(address _asset) external {
    //code here
    // Both return values are discarded: a token that returns false
    // on failure does not cause a revert here.
=>  token.transferFrom(listing.buyer, address(this), listing.price);
=>  token.transfer(listing.seller, listing.price);
}
```
The same pattern occurs in several other places:
1. `LLMOracleCoordinator.sol::request()` and `LLMOracleCoordinator.sol::withdrawPlatformFees()`
2. `LLMOracleRegistry.sol::register()`
3. `BuyerAgent.sol::withdraw()`
4. `Swan.sol::transferRoyalties()` and `Swan.sol::purchase()`

Impact

1. Other parts of the system that assume the transfer succeeded (listing state, fee accounting, registry stakes) can act on tokens that were never moved, causing imbalances and potential security vulnerabilities.

2. A function can complete successfully without actually transferring tokens, creating a mismatch between expected and actual balances.

Tools Used

Slither, manual review

Recommendations

1. Use OpenZeppelin's `SafeERC20` library (`safeTransfer`/`safeTransferFrom`), which reverts when the call reverts, returns `false`, or returns no data at all. (Recommended)
2. Check the returned `bool` manually and revert when it is `false`.
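The following is an added example, not code from Swan or the Dria project, illustrating both the unchecked pattern from the Vulnerability Details above and the two recommended fixes. `FalseOnFailToken` is a constructed mock that returns `false` on failure instead of reverting; `PurchaseExample`, its `Listing` layout, the `list()` helper and the `sold` mapping are hypothetical and exist only so the example can be exercised. `IERC20` and `SafeERC20` are OpenZeppelin's real contracts.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";

/// Constructed mock token: reports failure by returning false instead of
/// reverting, which is exactly the case an unchecked call cannot detect.
contract FalseOnFailToken {
    mapping(address => uint256) public balanceOf;
    mapping(address => mapping(address => uint256)) public allowance;

    function mint(address to, uint256 amount) external {
        balanceOf[to] += amount;
    }

    function approve(address spender, uint256 amount) external returns (bool) {
        allowance[msg.sender][spender] = amount;
        return true;
    }

    function transfer(address to, uint256 amount) external returns (bool) {
        if (balanceOf[msg.sender] < amount) return false; // no revert
        balanceOf[msg.sender] -= amount;
        balanceOf[to] += amount;
        return true;
    }

    function transferFrom(address from, address to, uint256 amount) external returns (bool) {
        if (balanceOf[from] < amount || allowance[from][msg.sender] < amount) return false;
        allowance[from][msg.sender] -= amount;
        balanceOf[from] -= amount;
        balanceOf[to] += amount;
        return true;
    }
}

/// Hypothetical minimal marketplace (not Swan's code) showing the unchecked
/// pattern beside the two fixes from the recommendations.
contract PurchaseExample {
    using SafeERC20 for IERC20;

    struct Listing {
        address seller;
        address buyer;
        uint256 price;
    }

    IERC20 public immutable token;
    mapping(address => Listing) public listings;
    mapping(address => bool) public sold;

    error TransferFailed();

    constructor(IERC20 _token) {
        token = _token;
    }

    // Hypothetical helper so the example can be exercised.
    function list(address _asset, address seller, address buyer, uint256 price) external {
        listings[_asset] = Listing(seller, buyer, price);
    }

    // Vulnerable: both return values are dropped. With FalseOnFailToken and an
    // underfunded buyer this completes, marks the asset sold, and moves nothing.
    function purchaseUnchecked(address _asset) external {
        Listing memory listing = listings[_asset];
        token.transferFrom(listing.buyer, address(this), listing.price);
        token.transfer(listing.seller, listing.price);
        sold[_asset] = true;
    }

    // Fix 1 (recommended): SafeERC20 reverts if the call reverts, returns
    // false, or returns no data at all (non-standard tokens).
    function purchaseSafe(address _asset) external {
        Listing memory listing = listings[_asset];
        token.safeTransferFrom(listing.buyer, address(this), listing.price);
        token.safeTransfer(listing.seller, listing.price);
        sold[_asset] = true;
    }

    // Fix 2: check the bool by hand. This still reverts on tokens that return
    // no data, because decoding the missing bool fails; SafeERC20 covers those.
    function purchaseChecked(address _asset) external {
        Listing memory listing = listings[_asset];
        if (!token.transferFrom(listing.buyer, address(this), listing.price)) revert TransferFailed();
        if (!token.transfer(listing.seller, listing.price)) revert TransferFailed();
        sold[_asset] = true;
    }
}
```

To reproduce in a Hardhat test: deploy `FalseOnFailToken`, deploy `PurchaseExample` with `IERC20(address(token))`, call `list()` for an asset whose buyer holds no balance and has granted no allowance, then call each purchase function. `purchaseUnchecked` succeeds and sets `sold[_asset]` even though no tokens moved; `purchaseSafe` and `purchaseChecked` both revert, leaving the listing unchanged.
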
Updates

Lead Judging Commences

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Known issue
Assigned finding tags:

[KNOWN] - Low-35 Unsafe use of transfer()/transferFrom() with IERC20
