Platform: Code4rena
Start Date: 22/09/2023
Pot Size: $100,000 USDC
Total HM: 15
Participants: 175
Period: 14 days
Judge: alcueca
Total Solo HM: 4
Id: 287
League: ETH
Rank: 153/175
Findings: 1
Award: $11.47
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: MrPotatoMagic
Also found by: 0xAadi, 0xDING99YA, 0xDemon, 0xRstStn, 0xSmartContract, 0xStriker, 0xWaitress, 0xbrett8571, 0xfuje, 0xsagetony, 0xsurena, 33BYTEZZZ, 3docSec, 7ashraf, ABA, ABAIKUNANBAEV, Aamir, Audinarey, Bauchibred, Black_Box_DD, Daniel526, DanielArmstrong, DanielTan_MetaTrust, Dinesh11G, Eurovickk, Franklin, Inspecktor, John, Jorgect, Joshuajee, K42, Kek, Koolex, LokiThe5th, MIQUINHO, Myd, NoTechBG, QiuhaoLi, SanketKogekar, Sathish9098, Sentry, Soul22, SovaSlava, Stormreckson, Tendency, Topmark, Udsen, V1235816, Viktor_Cortess, Viraz, Yanchuan, ZdravkoHr, Zims, albahaca, albertwh1te, alexweb3, alexxander, ast3ros, audityourcontracts, bareli, bin2chen, bronze_pickaxe, c0pp3rscr3w3r, cartlex_, castle_chain, chaduke, debo, ether_sky, gumgumzum, imare, its_basu, jaraxxus, jasonxiale, josephdara, kodyvim, ladboy233, lanrebayode77, lsaudit, mert_eren, minhtrng, n1punp, nadin, niroh, nmirchev8, orion, peakbolt, perseverancesuccess, pfapostol, ptsanev, rvierdiiev, saneryee, shaflow2, te_aut, terrancrypt, twcctop, unsafesol, ustas, versiyonbir, windhustler, yongskiws, zhaojie, ziyou-
11.4657 USDC - $11.47
Unused Return Value Warning in ArbitrumBranchBridgeAgent.sol
The warning indicates that the return value of a low-level call to _rootBridgeAgentAddress is not being used in the contract. While this warning is not an error, it suggests that the contract might not be handling potential errors or responses correctly when interacting with _rootBridgeAgentAddress. Ignoring return values from low-level calls can lead to unexpected behavior or vulnerabilities.
The warning is located in the following line of code in ArbitrumBranchBridgeAgent.sol: https://github.com/code-423n4/2023-09-maia/blob/main/src/ArbitrumBranchBridgeAgent.sol#L103
_rootBridgeAgentAddress.call{value: msg.value}("");
This code makes a low-level call to _rootBridgeAgentAddress, but the return value is not used or checked for errors.
code review
To address this warning and ensure proper error handling, you can modify the code as follows:
(bool success, ) = _rootBridgeAgentAddress.call{value: msg.value}(""); require(success, "Low-level call to _rootBridgeAgentAddress failed");
By checking the success variable and requiring that it's true, you ensure that the low-level call to _rootBridgeAgentAddress was successful. This helps prevent unexpected issues and improves the security of your contract.
#0 - c4-pre-sort
2023-10-15T13:26:32Z
0xA5DF marked the issue as sufficient quality report
#1 - c4-judge
2023-10-21T13:07:55Z
alcueca marked the issue as grade-b