Platform: Code4rena
Start Date: 01/08/2023
Pot Size: $91,500 USDC
Total HM: 14
Participants: 80
Period: 6 days
Judge: gzeon
Total Solo HM: 6
Id: 269
League: ETH
Rank: 77/80
Findings: 1
Award: $12.88
🌟 Selected for report: 0
🚀 Solo Findings: 0
🌟 Selected for report: dd0x7e8
Also found by: Bughunter101, Fulum, Kaysoft, MatricksDeCoder, SanketKogekar, Sathish9098, T1MOH, Udsen, debo, fatherOfBlocks, grearlake, hpsb, j4ld1na, josephdara, parsely, pep7siup, piyushshukla, ravikiranweb3, shirochan
12.8772 USDC - $12.88
The swapETHForExactTokens and swapTokensForExactETH functions each perform a low-level .call, payable(msg.sender).call{value: amountOut}(""); and msg.sender.call{value: msg.value - amounts[0]}("");, but do not check the return value to confirm that the call succeeded.
If the call fails, the refund does not go through and the caller loses the entire refund of msg.value - amounts[0].
https://github.com/code-423n4/2023-08-goodentry/blob/4b785d455fff04629d8675f21ef1d1632749b252/contracts/helper/V3Proxy.sol#L156
msg.sender.call{value: msg.value - amounts[0]}("");
emit Swap(msg.sender, path[0], path[1], amounts[0], amounts[1]);
}
https://github.com/code-423n4/2023-08-goodentry/blob/4b785d455fff04629d8675f21ef1d1632749b252/contracts/helper/V3Proxy.sol#L174C1-L175C1
payable(msg.sender).call{value: amountOut}("");
emit Swap(msg.sender, path[0], path[1], amounts[0], amounts[1]);
manual
Revert the entire transaction if the refund call fails, by checking that the success value returned by payable(to).call(...) is true.
call/delegatecall
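The unchecked refund and the recommended check side by side, as an added example that is not part of the original submission or the GoodEntry code base. RefundDemo, RejectingCaller, COST and the function names are hypothetical; COST stands in for amounts[0].

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Added example: hypothetical contracts, not the GoodEntry V3Proxy code.
contract RefundDemo {
    // Stand-in for amounts[0]: the part of msg.value the swap actually uses.
    uint256 public constant COST = 1 ether;

    // Pattern from the finding: the success flag of .call is discarded,
    // so a failed refund leaves the excess ETH in this contract.
    function payUnchecked() external payable {
        require(msg.value >= COST, "insufficient ETH");
        msg.sender.call{value: msg.value - COST}("");
    }

    // Mitigation from the finding: revert the whole transaction on failure.
    function payChecked() external payable {
        require(msg.value >= COST, "insufficient ETH");
        (bool success, ) = msg.sender.call{value: msg.value - COST}("");
        require(success, "ETH refund failed");
    }
}

// Constructed caller that cannot receive ETH: it has no receive() function
// and no payable fallback, so any plain ETH transfer to it fails.
contract RejectingCaller {
    RefundDemo public immutable demo;

    constructor(RefundDemo _demo) {
        demo = _demo;
    }

    // Succeeds, but msg.value - COST stays behind in RefundDemo.
    function viaUnchecked() external payable {
        demo.payUnchecked{value: msg.value}();
    }

    // Reverts with "ETH refund failed"; no ETH leaves the original sender.
    function viaChecked() external payable {
        demo.payChecked{value: msg.value}();
    }
}
```

The compiler warns about the unused return value in payUnchecked, which is a quick way to spot this pattern during review.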
#0 - c4-pre-sort
2023-08-09T02:03:23Z
141345 marked the issue as duplicate of #481
#1 - c4-pre-sort
2023-08-09T02:31:52Z
141345 marked the issue as duplicate of #83
#2 - c4-judge
2023-08-20T17:11:04Z
gzeon-c4 marked the issue as satisfactory
#3 - c4-judge
2023-08-20T17:11:11Z
gzeon-c4 changed the severity to 2 (Med Risk)