Description:
The _checkNoNativeBalance function is used to make sure that there are no Ethers left on the router after a bundle is executed. It is used to protect users from executing invalid bundles that do not withdraw Ethers from the router and leave it locked on the router. The function reverts whenever the Ether balance is greater than 0.
On one hand, the fallback function (BaseRouter.sol#L299) reverts on any call and receive function (BaseRouter.sol#L290) is allowed only for WETH contract. On the other hand, anyone can increase the balance of the router contract with a self-destruct function or using the xTransfer with a call that transfers any amount of Ether and reverts.
Note: The transferred amount can be swept by users with a HOUSE_KEEPER_ROLE role or used by anyone to deposit, however it becomes economically unprofitable when the transferred amount is 1 Wei.
Recommendation:
In order to keep the protection mechanism that does not allow leaving new Ether on the router contract we recommend to check the balance before and after the bundle is executed and revert if the balances differ.
Where: https://github.com/Fujicracy/fuji-v2/blob/bffa427797ad8d6df63671868ee8823574e044ca/packages/protocol/src/abstracts/BaseRouter.sol#L280-L284
Description: The _checkNoNativeBalance function is used to make sure that there are no Ethers left on the router after a bundle is executed. It is used to protect users from executing invalid bundles that do not withdraw Ethers from the router and leave it locked on the router. The function reverts whenever the Ether balance is greater than 0. On one hand, the fallback function (BaseRouter.sol#L299) reverts on any call and receive function (BaseRouter.sol#L290) is allowed only for WETH contract. On the other hand, anyone can increase the balance of the router contract with a self-destruct function or using the xTransfer with a call that transfers any amount of Ether and reverts.
Note: The transferred amount can be swept by users with a HOUSE_KEEPER_ROLE role or used by anyone to deposit, however it becomes economically unprofitable when the transferred amount is 1 Wei.
Recommendation: In order to keep the protection mechanism that does not allow leaving new Ether on the router contract we recommend to check the balance before and after the bundle is executed and revert if the balances differ.