code-423n4 / 2021-12-yetifinance-findings

0 stars 0 forks source link

Unsafe transfer in LPTokenWrapper #239

Closed code423n4 closed 2 years ago

code423n4 commented 2 years ago

Handle

0x1f8b

Vulnerability details

Impact

Unsafe transfer was done.

Proof of Concept

In the method LPTokenWrapper.claimReward it's made a transfer without checking the boolean result, ERC20 standard specify that the token can return false if the transfer was not made, so it's mandatory to check the result of transfer methods.

Tools Used

Manual review

Recommended Mitigation Steps

Use safe transfer or check the boolean result

kingyetifinance commented 2 years ago

@LilYeti: Duplicate #1

kingyetifinance commented 2 years ago

Outdated

alcueca commented 2 years ago

Duplicate of #94

alcueca commented 2 years ago

Duplicate of issue by the same warden