Closed code423n4 closed 2 years ago
defsec
In the livepeer repository, It is written L1Migrator does not support to ETH. However, on the L2Migrator receive function has been defined.
https://github.com/livepeer/arbitrum-lpt-bridge/blob/ebf68d11879c2798c5ec0735411b08d0bea4f287/contracts/L2/gateway/L2Migrator.sol#L235
None
Revert when the contract receive native token.
Duplicate of https://github.com/code-423n4/2022-01-livepeer-findings/issues/177
As per #177, this is intended behaviour.
Handle
defsec
Vulnerability details
Impact
In the livepeer repository, It is written L1Migrator does not support to ETH. However, on the L2Migrator receive function has been defined.
Proof of Concept
https://github.com/livepeer/arbitrum-lpt-bridge/blob/ebf68d11879c2798c5ec0735411b08d0bea4f287/contracts/L2/gateway/L2Migrator.sol#L235
Tools Used
None
Recommended Mitigation Steps
Revert when the contract receive native token.