Platform: Code4rena
Start Date: 01/07/2022
Pot Size: $75,000 USDC
Total HM: 17
Participants: 105
Period: 7 days
Judge: Jack the Pug
Total Solo HM: 5
Id: 143
League: ETH
Rank: 103/105
Findings: 1
Award: $3.41
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: horsefacts
Also found by: 0x1f8b, 0x29A, 0x52, 0xf15ers, AlleyCat, Ch_301, Chom, Franfran, IllIllI, Kaiziron, Limbooo, Meera, Ruhum, Sm4rty, apostle0x01, berndartmueller, cccz, cloudjunky, codexploder, cryptphi, delfin454000, durianSausage, fatherOfBlocks, hake, hansfriese, hyh, jonatascm, m_Rassska, oyc_109, peritoflores, rajatbeladiya, rbserver, svskaushik, zzzitron
3.4075 USDC - $3.41
https://github.com/jbx-protocol/juice-contracts-v2/blob/4abc5fb6e51adf5bbcf5dba4f393cdeaecb4f8a9/contracts/JBETHERC20SplitsPayer.sol#L301 https://github.com/jbx-protocol/juice-contracts-v2/blob/4abc5fb6e51adf5bbcf5dba4f393cdeaecb4f8a9/contracts/JBETHERC20SplitsPayer.sol#L384 https://github.com/jbx-protocol/juice-contracts-v2/blob/4abc5fb6e51adf5bbcf5dba4f393cdeaecb4f8a9/contracts/JBETHERC20SplitsPayer.sol#L534 https://github.com/jbx-protocol/juice-contracts-v2/blob/4abc5fb6e51adf5bbcf5dba4f393cdeaecb4f8a9/contracts/JBERC20PaymentTerminal.sol#L81-L89
This is a well known issue, the protocol uses at many parts the insecure transfer/safeTransfer for generic ERC20 tokens.
Use OZ Safe Transfer
#0 - drgorillamd
2022-07-12T16:18:37Z
Duplicate of #281