Christmas Dinner

First Flight #31
Submission Details
Severity: high
Valid

`ChristmasDinner.withdraw` function doesn't send collected ETHER to the Host

Description: The `ChristmasDinner::withdraw` function transfers all the ERC20 tokens to the Host, but it does not transfer the collected ETHER, which stays locked in the contract forever.

Impact: The Host won't be able to transfer the collected ETHER to his wallet.

Proof of Concept:

  1. Users deposit ETHER

  2. Host calls the ChristmasDinner::withdraw function

  3. No ETHER is added to the Host's wallet

PoC Code

Add the following test:

```solidity
function test_withdrawNoEther() public {
    address payable _cd = payable(address(cd));
    vm.deal(user1, 10e18);
    // user1 sends 1 ETH to the contract
    vm.prank(user1);
    (bool sent,) = _cd.call{value: 1e18}("");
    require(sent, "transfer failed");
    vm.stopPrank();
    assertEq(user1.balance, 9e18);
    assertEq(address(cd).balance, 1e18);
    // The Host withdraws
    vm.startPrank(deployer);
    cd.withdraw();
    vm.stopPrank();
    // The ETH is still held by the contract and the Host received none of it
    assertEq(address(cd).balance, 1e18);
    assertEq(address(deployer).balance, 0);
}
```
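A regression test for the same scenario, to run once `withdraw` also forwards ETH. This is an added example, not part of the original submission; it reuses the `cd`, `user1` and `deployer` fixture names from the PoC and assumes `deployer` is the Host and is an address that can receive ETH.

```solidity
// Added regression test (not from the original submission).
// Assumptions: `cd`, `user1` and `deployer` are the fixture names used in the PoC,
// and `deployer` is the Host and can receive ETH.
function test_withdrawForwardsEtherToHost() public {
    uint256 deposit = 1e18;
    vm.deal(user1, 10e18);

    // user1 funds the contract with native ETH, exactly as in the PoC
    vm.prank(user1);
    (bool sent,) = payable(address(cd)).call{value: deposit}("");
    require(sent, "transfer failed");

    // Snapshot balances so the test does not depend on the Host starting at zero
    uint256 hostBefore = deployer.balance;
    uint256 contractBefore = address(cd).balance;
    assertEq(contractBefore, deposit);

    vm.prank(deployer);
    cd.withdraw();

    // Nothing may stay behind, and the Host must be credited the full amount
    assertEq(address(cd).balance, 0);
    assertEq(deployer.balance, hostBefore + contractBefore);
}
```

Against the unpatched contract this test fails on the first post-withdraw assertion, which is the behaviour the PoC documents.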

Recommendation: To prevent this, `ChristmasDinner::withdraw` should also transfer the ETHER held by the ChristmasDinner contract to the Host's wallet:

function withdraw() external onlyHost {
address _host = getHost();
i_WETH.safeTransfer(_host, i_WETH.balanceOf(address(this)));
i_WBTC.safeTransfer(_host, i_WBTC.balanceOf(address(this)));
i_USDC.safeTransfer(_host, i_USDC.balanceOf(address(this)));
+ payable(host).transfer(address(this).balance);
}
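
Review bot: The added line sends to `payable(host)`, while the function has already read the Host into the local `_host` that the three `safeTransfer` calls use; send to `_host` as well so all four transfers target the same address and the line does not rely on an identifier that is not declared in this function. In addition, `.transfer` forwards only a 2300 gas stipend and reverts if the Host is a contract whose receive logic needs more, which would also roll back the token transfers above it; consider `(bool ok,) = payable(_host).call{value: address(this).balance}("");` followed by a `require(ok, ...)` check.
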
Updates

Lead Judging Commences

0xtimefliez Lead Judge 10 months ago
Submission Judgement Published
Validated
Assigned finding tags:

withdraw function lacks functionality to send ether
