Handle
JMukesh
Vulnerability details
Impact
function withdraw(uint amount) external {
    require(amount <= ethBalance[msg.sender]);
    ethBalance[msg.sender] = ethBalance[msg.sender].sub(amount);
    msg.sender.transfer(amount);
    emit Withdraw(msg.sender, amount);
}
To withdraw ETH, the contract uses transfer(). This transaction will inevitably fail when:
The withdrawer smart contract does not implement a payable function.
The withdrawer smart contract implements a payable fallback that uses more than 2300 gas units.
The withdrawer smart contract implements a payable fallback function that needs less than 2300 gas units but is called through a proxy that raises the call's gas usage above 2300.
https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/
Proof of Concept
https://github.com/code-423n4/2021-04-redacted/blob/main/Beebots.sol#L649
Tools Used
No tool used.
Recommended Mitigation Steps
Use call() to send ETH.
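
One way to apply this mitigation, shown as an added example that is not code from the audited repository: withdraw() rewritten to send ETH with call() and check its return value, next to a receiver whose receive() exceeds the 2300 gas stipend. The contract names EthVault and StorageWritingReceiver, the deposit() helper, the reentrancy guard and the Solidity ^0.8.0 pragma are assumptions made for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added example: EthVault and StorageWritingReceiver are hypothetical names.
contract EthVault {
    mapping(address => uint256) public ethBalance;
    bool private locked; // minimal reentrancy guard

    event Withdraw(address indexed user, uint256 amount);

    modifier nonReentrant() {
        require(!locked, "reentrant call");
        locked = true;
        _;
        locked = false;
    }

    function deposit() external payable {
        ethBalance[msg.sender] += msg.value;
    }

    function withdraw(uint256 amount) external nonReentrant {
        require(amount <= ethBalance[msg.sender], "insufficient balance");
        // Effects before interaction: call() forwards all remaining gas,
        // so the balance is reduced before control leaves this contract.
        ethBalance[msg.sender] -= amount; // checked arithmetic in 0.8
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "ETH transfer failed");
        emit Withdraw(msg.sender, amount);
    }
}

// A withdrawer whose receive() writes storage, which costs more than the
// 2300 gas stipend: transfer() to it reverts, call() succeeds.
contract StorageWritingReceiver {
    uint256 public received;
    EthVault public immutable vault;

    constructor(EthVault _vault) { vault = _vault; }

    function depositToVault() external payable {
        vault.deposit{value: msg.value}();
    }

    function withdrawFromVault(uint256 amount) external {
        vault.withdraw(amount);
    }

    receive() external payable {
        received += msg.value; // SSTORE, well above 2300 gas
    }
}
```

Because call() forwards all remaining gas, the state update must stay ahead of the external call, as it already does in the original withdraw().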