Platform: Code4rena
Start Date: 21/02/2024
Pot Size: $200,000 USDC
Total HM: 22
Participants: 36
Period: 19 days
Judge: Trust
Total Solo HM: 12
Id: 330
League: ETH
Rank: 32/36
Findings: 1
Award: $124.91
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: serial-coder
Also found by: 0x11singh99, Jorgect, Mrxstrange, Rhaydden, josephdara, nonseodion, unix515
124.9081 USDC - $124.91
https://github.com/code-423n4/2024-02-wise-lending/blob/79186b243d8553e66358c05497e5ccfd9488b5e2/contracts/TransferHub/TransferHelper.sol#L13-L52
https://github.com/code-423n4/2024-02-wise-lending/blob/79186b243d8553e66358c05497e5ccfd9488b5e2/contracts/TransferHub/ApprovalHelper.sol#L13-L29
The _callOptionalReturn function used by both ApprovalHelper.sol and TransferHelper.sol returns a boolean indicating whether the low-level call succeeded or failed. That return value is never checked or used in either contract. If the low-level call fails for any reason (e.g. the called contract reverts, or the token signals failure by returning false instead of reverting, which is exactly the kind of token an "optional return" helper exists to handle), the failure is neither caught nor handled by the calling contract. The contract keeps executing on the assumption that the approval or transfer went through, which can lead to unexpected behaviour and potential security vulnerabilities.
The contracts that import ApprovalHelper.sol include:
The contracts that import TransferHelper.sol include:
TransferHub is the directory that holds the contracts meant to move funds safely. An unchecked result there is inherited by every contract built on these helpers, so the whole codebase is exposed.
ApprovalHelper.sol: the _safeApprove function calls _callOptionalReturn but does not check the return value.
TransferHelper.sol: both _safeTransfer and _safeTransferFrom call _callOptionalReturn without checking the return value.
VSCode
Check the return value: modify the _safeApprove, _safeTransfer and _safeTransferFrom functions to check the boolean returned by _callOptionalReturn. If the call failed, the function should revert (or otherwise handle the failure) rather than continue as if the token operation succeeded.
Example modification for _safeApprove:
    function _safeApprove(
        address _token,
        address _spender,
        uint256 _value
    )
        internal
    {
        // Capture the result instead of discarding it.
        bool success = _callOptionalReturn(
            _token,
            abi.encodeWithSelector(
                IERC20.approve.selector,
                _spender,
                _value
            )
        );

        // Stop here if the token reported failure.
        require(success, "Approval failed");
    }
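The difference between the two patterns, as an added example that is not part of this submission or of the Wise Lending code. The _callOptionalReturn stand-in below is an assumption about how such a helper behaves (it reports the outcome as a bool rather than reverting, treats an empty return as success, and treats an address with no code as failure, because a low-level call to an EOA "succeeds" with empty returndata); the two mock tokens and the Demo contract are constructed for the example. Deploy Demo and call run() to see the four outcomes side by side.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

interface IERC20 {
    function approve(address spender, uint256 value) external returns (bool);
}

// ASSUMED stand-in for the helper discussed in the finding, not the project's code.
abstract contract OptionalReturnCaller {
    function _callOptionalReturn(address token, bytes memory data)
        internal
        returns (bool)
    {
        (bool success, bytes memory ret) = token.call(data);
        if (!success) {
            return false; // callee reverted
        }
        // No data => optional-return token, accepted; data => must decode to true.
        bool returnedOk = ret.length == 0 || abi.decode(ret, (bool));
        // call() to an address with no code succeeds with empty returndata, so reject it.
        return returnedOk && token.code.length > 0;
    }
}

// The pattern the finding flags: the bool is thrown away.
contract UncheckedApprover is OptionalReturnCaller {
    function safeApprove(address token, address spender, uint256 value) external {
        _callOptionalReturn(token, abi.encodeWithSelector(IERC20.approve.selector, spender, value));
        // Execution continues even if the approval silently failed.
    }
}

// The recommended fix: act on the bool and revert on failure.
contract CheckedApprover is OptionalReturnCaller {
    error ApprovalFailed(address token, address spender, uint256 value);

    function safeApprove(address token, address spender, uint256 value) external {
        bool ok = _callOptionalReturn(token, abi.encodeWithSelector(IERC20.approve.selector, spender, value));
        if (!ok) {
            revert ApprovalFailed(token, spender, value);
        }
    }
}

// Constructed mock: signals failure by returning false, never by reverting.
contract FalseReturningToken {
    function approve(address, uint256) external pure returns (bool) {
        return false;
    }
}

// Constructed mock: approve() returns no data at all.
contract NoReturnToken {
    function approve(address, uint256) external pure {}
}

// Constructed harness: deploys both helpers and both tokens and reports what happens.
contract Demo {
    function run()
        external
        returns (
            bool uncheckedSwallowsFalse,
            bool checkedRevertsOnFalse,
            bool checkedAcceptsNoReturn,
            bool checkedRejectsNoCode
        )
    {
        UncheckedApprover loose = new UncheckedApprover();
        CheckedApprover strict = new CheckedApprover();
        address falseToken = address(new FalseReturningToken());
        address noRetToken = address(new NoReturnToken());
        address noCode = address(uint160(0xdead)); // nothing deployed here

        // 1. Unchecked helper: the token answered "false" and nothing reverted.
        loose.safeApprove(falseToken, address(this), 1);
        uncheckedSwallowsFalse = true;

        // 2. Checked helper: same token, the failure now surfaces as a revert.
        try strict.safeApprove(falseToken, address(this), 1) {
        } catch {
            checkedRevertsOnFalse = true;
        }

        // 3. Checked helper still accepts a token that returns no data.
        try strict.safeApprove(noRetToken, address(this), 1) {
            checkedAcceptsNoReturn = true;
        } catch {
        }

        // 4. Checked helper rejects an address with no code.
        try strict.safeApprove(noCode, address(this), 1) {
        } catch {
            checkedRejectsNoCode = true;
        }
    }
}
```

Cases 3 and 4 are why the result has to be checked by the helper rather than by callers decoding returndata themselves: the helper already encodes the rules for no-return tokens and for codeless addresses, and the only thing missing in the flagged functions is acting on its answer.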
Other
#0 - GalloDaSballo
2024-03-12T19:25:58Z
#1 - c4-pre-sort
2024-03-12T19:26:01Z
GalloDaSballo marked the issue as insufficient quality report
#2 - c4-pre-sort
2024-03-17T14:30:23Z
GalloDaSballo marked the issue as duplicate of #212
#3 - c4-pre-sort
2024-03-18T16:27:06Z
GalloDaSballo marked the issue as sufficient quality report
#4 - trust1995
2024-03-26T14:30:31Z
Did not demonstrate full understanding like other submissions. 50%
#5 - c4-judge
2024-03-26T14:30:36Z
trust1995 marked the issue as satisfactory
#6 - c4-judge
2024-03-26T14:30:39Z
trust1995 marked the issue as partial-50