Core Contracts
Regnum Aurum Acquisition Corp
HardhatReal World AssetsNFT
77,280 USDC
View results
Previous Next
Submission Details
Severity: medium
Invalid

In contract `DebtToken.sol` in `_update` function Condition reverting an error `TransferNotAllowed` whne the address in not zero .

shubu2581

Summary

In contract DebtToken.sol in _update function condition is checking that if address is not zero then revert an error TransferNotAllowed .

Vulnerability Details

In contract DebtToken.sol in _update function the if-else condition is applied , which is checking that if the address is not zero then revert error TransferNotAllowed .

if (from != address(0) && to != address(0))

if (from != address(0) && to != address(0)) { // q if the address is not zero then why we reverting that ?
revert TransfersNotAllowed();
}
function _update(address from, address to, uint256 amount) internal virtual override {
if (from != address(0) && to != address(0)) { // q if the address is not zero then why we reverting that ?
revert TransfersNotAllowed();
}
uint256 scaledAmount = amount.rayDiv(ILendingPool(_reservePool).getNormalizedDebt());
super._update(from, to, scaledAmount);
emit Transfer(from, to, amount);
}

https://github.com/Cyfrin/2025-02-raac/blob/89ccb062e2b175374d40d824263a4c0b601bcb7f/contracts/core/tokens/DebtToken.sol#L257C1-L257C9

Impact

  1. when someone call an _update function then it will revert an error TransferNotAllowed and restrict the access of transfering tokens .

Tools Used

Manual Review

Recommendations

  1. Correct the condition and check it for zero address .

    so that non zero address can execute the _update function and while zero address it reverts an error.

Updates

Lead Judging Commences

inallhonesty Lead Judge about 2 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement

Appeal created

shubu2581 Submitter
about 2 months ago
inallhonesty Lead Judge
about 2 months ago
inallhonesty Lead Judge about 1 month ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.