Closed code423n4 closed 2 years ago
pauliax
.transfer is no longer recommended as recipients with custom fallback functions (smart contracts) will not be able to handle that:
if (address(token) == weth) { IWETH(weth).withdraw(amount); payable(to).transfer(amount);
You can read more here: https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/
Solution (don't forget re-entrancy protection): https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/utils/Address.sol#L53-L59
Duplicate to #228
ColaM12
commented
2 years ago ColaM12
commented
2 years ago
Handle
pauliax
Vulnerability details
Impact
.transfer is no longer recommended as recipients with custom fallback functions (smart contracts) will not be able to handle that:
You can read more here: https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/
Recommended Mitigation Steps
Solution (don't forget re-entrancy protection): https://github.com/OpenZeppelin/openzeppelin-contracts/blob/master/contracts/utils/Address.sol#L53-L59