Funds sent by mistake could be stuck in the contracts

pauliax commented 2 years ago

https://github.com/code-423n4/2022-03-biconomy-findings/issues/114#issuecomment-1125184386

Warden: benk10

Issue:

Multiple contracts, including the: LiquidityProviders.sol, LiquidityPool.sol, and LiquidityFarming.sol implement a receive function, which would allow the contract to accept any eth transaction sent to it. However, the contracts do not have a way to withdraw that extra ETH, and no reason to accept such ETH transfers that are not function calls in the first place. This could lead to loss of funds sent accidentally to the contracts, while adding no benefit and just making the contract size larger.

Recommendation:

Remove the above mentioned receive functions to avoid accidental loss of funds and reduce unnecessary contract code.

liveactionllama commented 2 years ago

Closing as judge has marked this as a duplicate of #157.

pauliax commented 2 years ago

https://github.com/code-423n4/2022-03-biconomy-findings/issues/157#issuecomment-1146220408

pauliax commented 2 years ago

QA report of the warden: #114

code-423n4 / 2022-03-biconomy-findings

Funds sent by mistake could be stuck in the contracts #204

Issue:

Recommendation: