Handle
0xsomeone
Vulnerability details
Impact
The withdraw function uses the transfer invocation, which forwards a fixed 2300 gas stipend to the recipient and can fail, especially after the Berlin fork, which raised the cost of cold (first-touch) storage and account accesses so that even a recipient fallback that reads a single storage slot exceeds the stipend: https://eips.ethereum.org/EIPS/eip-2929
Proof of Concept
The EIP should be sufficient.
Tools Used
Manual Review.
Recommended Mitigation Steps
I advise that a safe wrapper library be utilized, such as the OpenZeppelin Address library's sendValue function, which forwards sufficient gas for the transfer regardless of the underlying OPCODE gas costs.
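The following Solidity is an added illustration of the finding and its mitigation; it is not the audited project's code nor part of the warden's report. The vault contracts, the balances mapping, and the storage-writing recipient are constructed for the example, and the OpenZeppelin import paths assume the v4 layout. It shows why transfer() fails for a recipient whose receive() touches storage, and the hardened form that pairs sendValue with checks-effects-interactions and a reentrancy guard, since forwarding all gas re-opens the reentrancy surface that the 2300 stipend incidentally closed.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Assumed OpenZeppelin v4 paths (example only, not the audited project's imports).
import "@openzeppelin/contracts/utils/Address.sol";
import "@openzeppelin/contracts/security/ReentrancyGuard.sol";

// Constructed vault with the pattern the finding describes.
contract VulnerableVault {
    mapping(address => uint256) public balances;

    function deposit() external payable {
        balances[msg.sender] += msg.value;
    }

    // transfer() forwards only 2300 gas. After EIP-2929 a cold SLOAD alone
    // costs 2100, so a recipient whose receive()/fallback touches storage
    // runs out of gas, transfer() reverts, and the caller's funds are stuck.
    function withdraw() external {
        uint256 amount = balances[msg.sender];
        balances[msg.sender] = 0;
        payable(msg.sender).transfer(amount);
    }
}

// Hardened form: same interface, but the external call forwards all gas
// via Address.sendValue (a low-level call that reverts on failure).
contract HardenedVault is ReentrancyGuard {
    using Address for address payable;

    mapping(address => uint256) public balances;

    function deposit() external payable {
        balances[msg.sender] += msg.value;
    }

    // Checks-effects-interactions: the balance is zeroed before the call so a
    // re-entering recipient sees nothing to withdraw; nonReentrant blocks the
    // re-entry outright. Both are needed because the recipient now gets full gas.
    function withdraw() external nonReentrant {
        uint256 amount = balances[msg.sender];
        require(amount > 0, "nothing to withdraw");
        balances[msg.sender] = 0;
        payable(msg.sender).sendValue(amount);
    }
}

// Constructed recipient that exercises the failure mode: its receive() writes
// to storage (SLOAD + SSTORE, well over 2300 gas).
contract StorageWritingRecipient {
    uint256 public received;

    receive() external payable {
        received += msg.value; // cold SLOAD (2100) + SSTORE: exceeds the stipend
    }

    function depositTo(address vault) external payable {
        (bool ok, ) = vault.call{value: msg.value}(abi.encodeWithSignature("deposit()"));
        require(ok, "deposit failed");
    }

    // Reverts: VulnerableVault.transfer() gives receive() only 2300 gas.
    function pullVulnerable(VulnerableVault vault) external {
        vault.withdraw();
    }

    // Succeeds: HardenedVault.sendValue() forwards all remaining gas.
    function pullHardened(HardenedVault vault) external {
        vault.withdraw();
    }
}
```

Deploy the recipient, call depositTo on each vault with some ether, then call pullVulnerable and pullHardened: the first reverts with the transfer's out-of-gas, the second credits the recipient. The same recipient that breaks transfer() is exactly the kind of contract (multisigs, smart wallets, proxies with storage-backed fallbacks) that real users withdraw to, which is why the finding is a funds-locking issue rather than a theoretical one.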