code-423n4 / 2021-10-ambire-findings

0 stars 0 forks source link

unchecked return value from transfer() #47

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

Handle

JMukesh

Vulnerability details

Impact

due to unchecked return value from token.transfer() , transaction may silently fail because some token do not revert on failure

Proof of Concept

https://github.com/code-423n4/2021-10-ambire/blob/bc01af4df3f70d1629c4e22a72c19e6a814db70d/contracts/wallet/Zapper.sol#L226

https://github.com/code-423n4/2021-10-ambire/blob/bc01af4df3f70d1629c4e22a72c19e6a814db70d/contracts/IdentityFactory.sol#L52

Tools Used

manual review

Recommended Mitigation Steps

use safeTransfer()

Ivshti commented 2 years ago

duplicate of #35

GalloDaSballo commented 2 years ago

duplicate of #35