Unverified ERC-20 Metadata Calls Leading to Potential Overflows and Reverts
Summary
The _registerCollateralToken() function retrieves ERC-20 metadata (symbol(), decimals()) without verifying their correctness. This introduces critical risks, including unexpected contract reverts, integer overflows, and incorrect token conversions. Malicious or non-standard ERC-20 tokens can return unexpected values, leading to protocol disruption or financial loss
Vulnerability Details
Issue: The function assumes all ERC-20 tokens correctly implement symbol() and decimals(), but many tokens do not follow the ERC-20 metadata standard.
Risk of Reverts: Some tokens lack
symbol()anddecimals()functions, causing the transaction to fail entirely.Risk of Overflows: A malicious token could return
decimals = 255, causing integer overflow when performing calculations inWToken.Unexpected Symbol Manipulation: A token could return a very long symbol, exceeding Solidity’s
stringlimitations, causing unexpected behavior in storage or logs.
A malicious token contract could be deployed with the following non-standard implementation:
Impact:
If
symbol()reverts,_registerCollateralToken()fails entirely, making the protocol unable to register new collateral tokens.If
decimals()returns255, arithmetic operations may break calculations, causing token inflation or incorrect balances.
Impact
Unauthorized function calls and unvalidated ERC-20 metadata can lead to operational risks, financial loss, and protocol integrity issues.
Tools Used
Testing and Manual Review
Recommendations
Before creating WToken, verify that _collateralToken is valid and safe:
Ensures the token actually exists and is supported
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.