The withdraw() function in the Treasury contract uses the transfer method from the IERC20 interface to send tokens to a recipient. The current implementation ignores the boolean return value, so a token that signals failure by returning false instead of reverting lets withdraw() complete as if the transfer had happened. Using transfer directly is generally discouraged in favor of safeTransfer from the SafeERC20 library, which checks the return value and reverts if the transfer fails.
The current implementation of Treasury.withdraw() calls IERC20(token).transfer(recipient, amount); and discards the returned bool. ERC20 implementations are inconsistent on failure: some revert, some return false instead of reverting, and some (USDT on mainnet being the well-known case) return no value at all. Because the call goes through the IERC20 interface, which declares a bool return, a token that returns no data makes the call revert during return-data decoding, so withdrawals of such tokens always fail. A token that returns false, for example on an insufficient balance or a blocked transfer, completes the call without reverting, and withdraw() proceeds as though the tokens had moved.
If the transfer returns false instead of reverting, withdraw() completes and any state updates made in the same transaction take effect as though the transfer succeeded. The contract's bookkeeping then disagrees with actual token balances, and funds can be lost, for example a recipient recorded as paid for tokens that never arrived.
Manual Review
Use the safeTransfer method from the SafeERC20 library instead of calling transfer directly. safeTransfer makes the call at a low level, treats an empty return as success, treats a returned false as failure, and reverts in that case as well as when the token itself reverts, so both non-standard token behaviours are handled and a failed transfer can never leave withdraw() in a half-completed state.
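The following is an added illustration, not code from the Treasury contract under review or from the audited project. It assumes a minimal Treasury with an owner check and a hypothetical withdrawn[] accounting mapping, and constructs a mock token that returns false instead of reverting, so the difference between the unchecked transfer and safeTransfer can be observed in one call.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";

// Constructed mock (not a real token): signals failure by returning false, never reverting.
contract FalseReturningToken {
    mapping(address => uint256) public balanceOf;

    function mint(address to, uint256 amount) external {
        balanceOf[to] += amount;
    }

    function transfer(address to, uint256 amount) external returns (bool) {
        if (balanceOf[msg.sender] < amount) return false; // no revert on failure
        balanceOf[msg.sender] -= amount;
        balanceOf[to] += amount;
        return true;
    }
}

// Shape of the reported issue: return value of transfer() is discarded.
// owner and withdrawn[] are assumptions for the illustration.
contract TreasuryUnchecked {
    address public immutable owner;
    mapping(address => uint256) public withdrawn;

    constructor() { owner = msg.sender; }

    function withdraw(address token, address recipient, uint256 amount) external {
        require(msg.sender == owner, "not owner");
        withdrawn[token] += amount;               // bookkeeping updated unconditionally
        IERC20(token).transfer(recipient, amount); // a returned false is silently ignored
    }
}

// Hardened shape: SafeERC20.safeTransfer reverts on a false return, on an
// outright revert, and accepts an empty return (non-standard tokens).
contract TreasurySafe {
    using SafeERC20 for IERC20;

    address public immutable owner;
    mapping(address => uint256) public withdrawn;

    constructor() { owner = msg.sender; }

    function withdraw(address token, address recipient, uint256 amount) external {
        require(msg.sender == owner, "not owner");
        withdrawn[token] += amount;
        IERC20(token).safeTransfer(recipient, amount); // whole tx reverts if transfer fails
    }
}

// Driver: deploys both treasuries (so it is their owner), funds each with 100 tokens,
// then asks each to withdraw 500, which the mock token refuses by returning false.
contract Demo {
    function run() external returns (bool uncheckedLooksSuccessful, bool safeReverted) {
        FalseReturningToken token = new FalseReturningToken();
        TreasuryUnchecked bad = new TreasuryUnchecked();
        TreasurySafe good = new TreasurySafe();
        token.mint(address(bad), 100);
        token.mint(address(good), 100);

        // Unchecked: call completes, withdrawn[token] becomes 500, balances never move.
        bad.withdraw(address(token), address(0xBEEF), 500);
        uncheckedLooksSuccessful =
            bad.withdrawn(address(token)) == 500 && token.balanceOf(address(bad)) == 100;

        // Safe: safeTransfer sees the false return and reverts the whole withdraw().
        try good.withdraw(address(token), address(0xBEEF), 500) {
            safeReverted = false;
        } catch {
            safeReverted = true; // withdrawn[token] stays 0 because the tx reverted
        }
    }
}
```

Deploying Demo and calling run() returns (true, true): the unchecked treasury records a 500-token withdrawal while still holding its 100 tokens, whereas the SafeERC20 version refuses to record anything because the transfer never happened.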
LightChaser Low-60