Token-0x

First Flight #54

Beginner FriendlyDeFi

100 EXP

View all submissions

Previous Next

Submission Details

Impact: high

Likelihood: high

[H-02] - Missing Transfer Event in `_burn()` breaks ERC20 compliance and off-chain tracking

Author Revealed upon completion

Root + Impact

Description

The _burn() function in ERC20Internals.sol does not emit a Transfer event to address(0) as required by the ERC20 standard.

According to the ERC20 specification: "A token contract which destroys tokens SHOULD trigger a Transfer event with the _to address set to 0x0 when tokens are burned."

The current implementation burns tokens and updates balances correctly but fails to emit the required event, making burns invisible to off-chain systems.

// Root cause in the codebase (ERC20Internals.sol, lines 158-180)

function _burn(address from, uint256 value) internal {

assembly {

// ... validation and balance updates ...

// Updates storage correctly BUT...

sstore(balanceSlot, sub(fromAmount, value))

sstore(_totalSupply.slot, sub(sload(_totalSupply.slot), value))

// @> BUG: No Transfer event emitted!

// Should emit: Transfer(from, address(0), value)

}

Note: The function updates state correctly but never emits the required Transfer(from, address(0), value) event.

Risk

Likelihood: High
Every burn operation is affected. This is not an edge case - it affects 100% of token destruction operations.

Impact: High

ERC20 Non-compliance: The token does not meet the ERC20 standard
Incorrect supply tracking: Block explorers show wrong circulating supply
DeFi integration failures: Protocols that track burns cannot function correctly
Audit failures: Token will fail formal ERC20 compliance audits

Proof of Concept

The exploit was confirmed using a Foundry test that demonstrates no Transfer event is emitted during burning.

Setup:
- Deploy the Token contract
- Mint tokens to alice
- Set up event recording using vm.recordLogs()
Action:
- Call token.burn(alice, 100e18) to burn 100 tokens from alice
- Retrieve all emitted logs
Result:
- No Transfer event found in logs
- Tokens were successfully burned and balance updated
- Off-chain systems have no visibility into this burn

Supporting Code:

// SPDX-License-Identifier: MIT

pragma solidity ^0.8.24;

import {Test, console2} from "forge-std/Test.sol";

import {VmSafe} from "forge-std/Vm.sol";

import {Token} from "./Token.sol";

contract VulnerabilityPoC is Test {

Token public token;

event Transfer(address indexed from, address indexed to, uint256 value);

function setUp() public {

token = new Token();

}

function test_H2_BurnMissingTransferEvent() public {

address alice = makeAddr("alice");

uint256 amount = 100e18;

// Setup: mint tokens first

token.mint(alice, amount);

// Record logs

vm.recordLogs();

// Burn tokens

token.burn(alice, amount);

// Get emitted logs

VmSafe.Log[] memory logs = vm.getRecordedLogs();

// Check that NO Transfer event was emitted

bool transferEventFound = false;

bytes32 transferEventSig = keccak256("Transfer(address,address,uint256)");

for (uint256 i = 0; i < logs.length; i++) {

if (logs[i].topics[0] == transferEventSig) {

transferEventFound = true;

break;

}

// BUG: Transfer event should be emitted but it's not

assertFalse(transferEventFound, "Transfer event was found (unexpected fix)");

// Verify tokens were burned

assertEq(token.balanceOf(alice), 0);

assertEq(token.totalSupply(), 0);

}

Test Results:

Test: test_H2_BurnMissingTransferEvent()

Status: PASS ✅

Gas Used: 44,920

Logs:

- No Transfer event emitted during burn

- Tokens successfully burned (balance = 0)

- Total supply updated to 0

- Off-chain tracking completely broken

Recommended Mitigation

Add the Transfer event emission to the _burn() function after updating the balance and total supply.

function _burn(address from, uint256 value) internal {

assembly {

// Existing validation...

if iszero(from) {

mstore(0x00, 0x00)

revert(0x00, 0x04)

}

// Existing balance/supply updates...

let balanceSlot := keccak256(0x00, 0x40)

let fromAmount := sload(balanceSlot)

sstore(balanceSlot, sub(fromAmount, value))

sstore(_totalSupply.slot, sub(sload(_totalSupply.slot), value))

+ // Emit Transfer event: Transfer(from, address(0), value)

+ mstore(0x00, value)

+ log3(

+ 0x00,

+ 0x20,

+ 0xddf252ad1be2c89b69c2b068fc378daa952ba7f163c4a11628f55a4df523b3ef, // Transfer topic

+ from, // from

+ 0 // to = address(0)

+ )

}

This ensures the token emits the standard Transfer event for all burning operations, restoring ERC20 compliance and enabling off-chain tracking.

Rewards breakdown

nSLOC

222

This contest has a flat reward structure with the following payouts:

High

100 EXP

Medium

20 EXP

Low

2 EXP

Live

The contest is live. Earn rewards by submitting a finding.

Judging

Submissions are being carefully reviewed by our judges.

View all submissions

Appeals

This is your time to appeal against judgements on your submissions.

Appeals Review

Appeals are being carefully reviewed by our judges.

Rewards Distribution

The contest is complete and the rewards are being distributed.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!