code-423n4 / 2021-12-yetifinance-findings


Unsafe transfer #116

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

Handle

0x1f8b

Vulnerability details

Impact

Unsafe transfer was done.

Proof of Concept

In the method YetiFinanceTreasury.sendToken, a transfer is made without checking the boolean result. The ERC20 standard specifies that the token can return false if the transfer was not made, so it's mandatory to check the result of transfer methods.

Tools Used

Manual review

Recommended Mitigation Steps

Use safe transfer or check the boolean result
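
An illustration of the finding above, added here and not taken from the Yeti Finance repository or from the warden's report: a treasury function that discards the ERC20 `transfer` result, next to one that checks it. `TreasurySketch`, both function names, the `owner` guard and the function signature are hypothetical; the checked variant also accepts tokens that return no data, which goes slightly beyond the boolean check the report asks for.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.1;

// Added illustration. Contract and function names are hypothetical,
// not the Yeti Finance source.
interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
}

contract TreasurySketch {
    address public immutable owner;

    constructor() {
        owner = msg.sender;
    }

    modifier onlyOwner() {
        require(msg.sender == owner, "not owner");
        _;
    }

    // Pattern described in the finding: the bool result is discarded, so a
    // token that signals failure by returning false lets this call succeed
    // with no tokens moved.
    function sendTokenUnchecked(IERC20 token, address to, uint256 amount) external onlyOwner {
        token.transfer(to, amount);
    }

    // Hardened form: a low-level call so three token behaviours are handled:
    // revert on failure, return false on failure, and return no data at all.
    function sendTokenChecked(IERC20 token, address to, uint256 amount) external onlyOwner {
        // A call to an address without code succeeds, so rule that out first.
        require(address(token).code.length > 0, "token is not a contract");
        (bool ok, bytes memory ret) = address(token).call(
            abi.encodeWithSelector(IERC20.transfer.selector, to, amount)
        );
        require(ok, "transfer reverted");
        // Empty return data is accepted (tokens without a return value);
        // otherwise the returned value must decode to true.
        require(ret.length == 0 || abi.decode(ret, (bool)), "transfer returned false");
    }
}
```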

kingyetifinance commented 2 years ago

@LilYeti: This is an issue but since it is the only thing happening in that function it does not need to be confirmed.

kingyetifinance commented 2 years ago

Fixed, nothing new compared to https://github.com/code-423n4/2021-12-yetifinance-findings/issues/94

0xtruco commented 2 years ago

Fixed in https://github.com/code-423n4/2021-12-yetifinance/pull/3 Also #214

alcueca commented 2 years ago

For now, a duplicate of #1

alcueca commented 2 years ago

Duplicate of #94

alcueca commented 2 years ago

Duplicate of issue by the same warden