Dria / Swan (NFT, Hardhat) - 21,000 USDC
Submission Details
Severity: low
Status: Invalid

[H-2] register::LLMOracleRegistry.sol transferFrom result not checked

Description and Proof of Concept

function register(LLMOracleKind kind) public {
    uint256 amount = getStakeAmount(kind);
    // ensure the user is not already registered
    if (isRegistered(msg.sender, kind)) {
        revert AlreadyRegistered(msg.sender);
    }
    // ensure the user has enough allowance to stake
    if (token.allowance(msg.sender, address(this)) < amount) {
        revert InsufficientFunds();
    }
    //@q transferFrom result not checked
    token.transferFrom(msg.sender, address(this), amount);
    // register the user
    registrations[msg.sender][kind] = amount;
    emit Registered(msg.sender, kind);
}

The return value of `token.transferFrom(msg.sender, address(this), amount)` is never checked. The allowance check above it only proves that the registry is permitted to pull `amount` from the caller; it says nothing about whether the caller actually holds `amount`. A token that signals failure by returning `false` instead of reverting therefore passes the allowance check, fails the transfer, and the function carries on as if the stake had been received. The consequences are listed below.

Impact

  1. Non-standard token behaviour:

  • Some tokens return `false` on failure instead of reverting. With the current code the call fails, nothing moves, and the transaction still succeeds.

  • Some tokens (USDT on mainnet is the usual example) return no data at all. Calling such a token through an `IERC20` interface that declares `returns (bool)` reverts while decoding the empty return data, so those tokens cannot be used for staking at all; this is a separate failure mode from the silent one above, and a plain `bool` check does not fix it.

  2. State inconsistency:

// Current vulnerable flow:
token.transferFrom(msg.sender, address(this), amount); // Returns false, nothing moves
registrations[msg.sender][kind] = amount;            // State updated despite failed transfer
emit Registered(msg.sender, kind);                    // Event emitted for a stake that never arrived

An address can end up registered as an oracle without having staked anything, so the stake no longer backs the registration.

Recommended mitigation

Check the return value of `transferFrom` and only write registration state once the transfer is confirmed. For tokens that return no data, use OpenZeppelin's `SafeERC20.safeTransferFrom`, which accepts both a returned `true` and an empty return value and reverts on `false`; that covers both failure modes with one call.

// Check return value
bool success = token.transferFrom(msg.sender, address(this), amount);
require(success, "Transfer failed");
// Only update state after confirmed transfer
registrations[msg.sender][kind] = amount;
emit Registered(msg.sender, kind);
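The following is an added example, not code from the Swan repository or from the submitter: a constructed ERC20 mock that returns `false` rather than reverting, a hypothetical stand-in for `LLMOracleRegistry` with both the vulnerable and the hardened register flow side by side, and a `Demo` contract that runs the scenario. The enum member names, the single `stakeAmount` for every kind, and the `Registry`/`Demo` contract names are assumptions. The `_safeTransferFrom` helper applies the same acceptance rule as OpenZeppelin's `SafeERC20` (call succeeds, and the token either returns `true` or returns nothing while having code), so it also handles the USDT-style case that a bare `bool` check would reject.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

interface IERC20 {
    function allowance(address owner, address spender) external view returns (uint256);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

/// Constructed test token: signals failure by returning false, never by reverting.
contract FalseReturningToken {
    mapping(address => uint256) public balanceOf;
    mapping(address => mapping(address => uint256)) public allowance;

    function approve(address spender, uint256 amount) external returns (bool) {
        allowance[msg.sender][spender] = amount;
        return true;
    }

    function transferFrom(address from, address to, uint256 amount) external returns (bool) {
        if (balanceOf[from] < amount || allowance[from][msg.sender] < amount) return false;
        balanceOf[from] -= amount;
        balanceOf[to] += amount;
        allowance[from][msg.sender] -= amount;
        return true;
    }
}

/// Hypothetical stand-in for LLMOracleRegistry: one stake amount for every kind (assumption).
contract Registry {
    enum LLMOracleKind { Generator, Validator } // member names assumed
    error AlreadyRegistered(address who);
    error InsufficientFunds();
    event Registered(address indexed who, LLMOracleKind kind);

    IERC20 public immutable token;
    uint256 public immutable stakeAmount;
    mapping(address => mapping(LLMOracleKind => uint256)) public registrations;

    constructor(address token_, uint256 stakeAmount_) {
        token = IERC20(token_);
        stakeAmount = stakeAmount_;
    }

    function isRegistered(address who, LLMOracleKind kind) public view returns (bool) {
        return registrations[who][kind] != 0;
    }

    function _checks(LLMOracleKind kind) internal view {
        if (isRegistered(msg.sender, kind)) revert AlreadyRegistered(msg.sender);
        // Allowance says the registry MAY pull the stake; it says nothing about balance.
        if (token.allowance(msg.sender, address(this)) < stakeAmount) revert InsufficientFunds();
    }

    /// Vulnerable flow from the finding: the bool returned by transferFrom is dropped.
    function registerUnsafe(LLMOracleKind kind) external {
        _checks(kind);
        token.transferFrom(msg.sender, address(this), stakeAmount);
        registrations[msg.sender][kind] = stakeAmount;
        emit Registered(msg.sender, kind);
    }

    /// Hardened flow: state is written only after the transfer is confirmed.
    function registerSafe(LLMOracleKind kind) external {
        _checks(kind);
        _safeTransferFrom(msg.sender, address(this), stakeAmount);
        registrations[msg.sender][kind] = stakeAmount;
        emit Registered(msg.sender, kind);
    }

    /// Same rule as OpenZeppelin SafeERC20: the call must succeed and must either
    /// return true or return nothing (USDT-style) from an address that has code.
    function _safeTransferFrom(address from, address to, uint256 amount) internal {
        (bool ok, bytes memory ret) = address(token).call(
            abi.encodeCall(IERC20.transferFrom, (from, to, amount))
        );
        require(ok, "Transfer failed");
        bool accepted = ret.length == 0 ? address(token).code.length > 0 : abi.decode(ret, (bool));
        require(accepted, "Transfer failed");
    }
}

/// Runs the scenario from the finding: allowance granted, balance zero.
contract Demo {
    function run() external returns (bool unsafeRegisteredWithoutStake, bool safeReverted) {
        FalseReturningToken t = new FalseReturningToken();
        Registry r = new Registry(address(t), 100e18);
        t.approve(address(r), 100e18); // passes the allowance check; this contract holds 0 tokens
        r.registerUnsafe(Registry.LLMOracleKind.Generator); // succeeds although no tokens move
        unsafeRegisteredWithoutStake =
            r.registrations(address(this), Registry.LLMOracleKind.Generator) == 100e18
            && t.balanceOf(address(r)) == 0;
        try r.registerSafe(Registry.LLMOracleKind.Validator) {
            safeReverted = false;
        } catch {
            safeReverted = true; // reverted with "Transfer failed"
        }
    }
}
```

Deploying `Demo` and calling `run()` returns `(true, true)`: the unchecked path records a 100e18 stake for an address whose tokens never left its wallet, while the hardened path reverts. In a real deployment, replace `_safeTransferFrom` with `SafeERC20.safeTransferFrom` rather than maintaining a private copy.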
Updates

Lead Judging Commences

inallhonesty Lead Judge 9 months ago
Submission Judgement Published
Invalidated
Reason: Known issue
Assigned finding tags:

[KNOWN] - Low-35 Unsafe use of transfer()/transferFrom() with IERC20
