code-423n4 / 2021-04-vader-findings


Result of ERC20 transfer not checked #22

Open code423n4 opened 3 years ago

code423n4 commented 3 years ago

Handle

gpersoon

Vulnerability details

Impact

The function transferOut of Pools.sol contains an iERC20(_token).transfer call where the result of the function isn't checked. This could result in transfers that don't succeed going undetected.

Proof of Concept

Pools.sol:

```solidity
function transferOut(address _token, uint _amount, address _recipient) internal {
    if(_token == VADER){
        pooledVADER = pooledVADER - _amount; // Accounting
    } else if(_token == USDV) {
        pooledUSDV = pooledUSDV - _amount;   // Accounting
    }
    if(_recipient != address(this)){
        // Return value of transfer is ignored: a token that returns false
        // leaves the accounting above updated while no funds move.
        iERC20(_token).transfer(_recipient, _amount);
    }
}
```

Tools Used

Editor

Recommended Mitigation Steps

Add a require statement to check the result: `require(...transfer(...))`
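One way to apply the recommended check, shown as an added example rather than code from the Vader repository or from the finding: a hypothetical contract with a minimal iERC20 interface (interface name from the page, shape assumed) whose transferOut reverts when the transfer does not succeed. It goes slightly beyond a bare `require(...transfer(...))` by also tolerating tokens whose transfer returns no bool at all, which a plain require would reject.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Minimal interface matching the call on the page (assumed shape).
interface iERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
}

// Hypothetical contract illustrating the mitigation for Pools.transferOut.
contract PoolsTransferOutExample {
    address public immutable VADER;
    address public immutable USDV;
    uint256 public pooledVADER;
    uint256 public pooledUSDV;

    constructor(address _vader, address _usdv) {
        VADER = _vader;
        USDV = _usdv;
    }

    // Mitigated form: accounting is only kept if the token transfer succeeds,
    // because _safeTransfer reverts (undoing the state change) on failure.
    function transferOut(address _token, uint256 _amount, address _recipient) internal {
        if (_token == VADER) {
            pooledVADER = pooledVADER - _amount; // Accounting
        } else if (_token == USDV) {
            pooledUSDV = pooledUSDV - _amount;   // Accounting
        }
        if (_recipient != address(this)) {
            _safeTransfer(_token, _recipient, _amount);
        }
    }

    // Reverts if the call fails, if the token explicitly returns false, or if
    // the target has no code (a call to an EOA would "succeed" with empty data).
    // Tokens that return nothing are accepted, mirroring the SafeERC20 pattern.
    function _safeTransfer(address token, address to, uint256 amount) private {
        require(token.code.length > 0, "transferOut: not a contract");
        (bool ok, bytes memory data) = token.call(
            abi.encodeWithSelector(iERC20.transfer.selector, to, amount)
        );
        require(
            ok && (data.length == 0 || abi.decode(data, (bool))),
            "transferOut: transfer failed"
        );
    }
}
```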

0xBrian commented 3 years ago

https://github.com/vetherasset/vaderprotocol-contracts/commit/ffdcbeb3611cc94f89e6fed14533b25072cece76