Snowman Merkle Airdrop
First Flight #42
Beginner FriendlyFoundrySolidityNFT
100 EXP
View results
Previous Next
Submission Details
Impact: low
Likelihood: low
Invalid

L-2 Missing require Check for Zero Balance in `Snow::collectFee`

qasimlab118

Root + Impact

Missing require Check for Zero Balance in Snow::collectFee

Description

The function collectFee() transfers both:

  1. All WETH tokens from the contract to s_collector

  2. All native ETH balance to s_collector

However, there is no check to verify that the contract has a non-zero balance before making these transfers. As a result, the function may:

  • Trigger a transfer of 0 WETH (wasting some gas, might revert on non-standard tokens)

  • Attempt a native call with 0 ETH, which still costs gas

This is not dangerous, but can be seen as inefficient or unclear behavior.


Risk

Likelihood:

  • Medium — the function can be called at any time by the collector

  • Easy to accidentally call when no fees exist

Impact:

  • Minor gas waste when balances are zero


Recommended Mitigation

+ uint256 wethBalance = i_weth.balanceOf(address(this));
+ uint256 ethBalance = address(this).balance;
+ require(wethBalance > 0 || ethBalance > 0, "Nothing to collect");
+ if (wethBalance > 0) {
i_weth.transfer(s_collector, wethBalance);
}
+ if (ethBalance > 0) {
(bool collected,) = payable(s_collector).call{value: ethBalance}("");
require(collected, "ETH transfer failed");
}
Updates

Lead Judging Commences

yeahchibyke Lead Judge 13 days ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.