Consider adding a token whitelist in sendToCosmos function
The function
sendToCosmos
does not have a whitelist of supported tokens. This means that it allows
transferring arbitrary tokens (which does not have a cosmos equivalent)
to the gravity bridge contract.
Handle
hrkrshnn
Vulnerability details
Consider adding a token whitelist in
sendToCosmos
functionThe function sendToCosmos does not have a whitelist of supported tokens. This means that it allows transferring arbitrary tokens (which does not have a cosmos equivalent) to the gravity bridge contract.