code-423n4 / 2021-12-yetifinance-findings

0 stars 0 forks source link

Unsafe transfer in StabilityPool #227

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

Handle

0x1f8b

Vulnerability details

Impact

Unsafe transfer was done.

Proof of Concept

In the method StabilityPool._sendGainsToDepositor it's made a transfer without checking the boolean result, ERC20 standard specify that the token can return false if the transfer was not made, so it's mandatory to check the result of transfer methods.

Tools Used

Manual review

Recommended Mitigation Steps

Use safe transfer or check the boolean result

kingyetifinance commented 2 years ago

@LilYeti: Duplicate #1

kingyetifinance commented 2 years ago

Fixed, nothing new compared to https://github.com/code-423n4/2021-12-yetifinance-findings/issues/94

alcueca commented 2 years ago

Duplicate of #94

alcueca commented 2 years ago

Duplicate of issue by the same warden