Closed code423n4 closed 2 years ago
https://github.com/code-423n4/2022-06-notional-coop/blob/6f8c325f604e2576e2fe257b6b57892ca181509a/notional-wrapped-fcash/contracts/wfCashLogic.sol#L70
receive() or fallback() payable function is missing in the current implementation of wfCashERC4626, calling WETH.withdraw() will revert.
receive()
fallback() payable
wfCashERC4626
WETH.withdraw()
WETH.withdraw(depositAmountExternal);
As a result, _mintInternal() when isETH == true will revert.
_mintInternal()
isETH == true
Duplicate of #99
receive() function is implemented in nBeaconProxy.sol#L9-L11
Lines of code
https://github.com/code-423n4/2022-06-notional-coop/blob/6f8c325f604e2576e2fe257b6b57892ca181509a/notional-wrapped-fcash/contracts/wfCashLogic.sol#L70
Vulnerability details
receive()
orfallback() payable
function is missing in the current implementation ofwfCashERC4626
, callingWETH.withdraw()
will revert.https://github.com/code-423n4/2022-06-notional-coop/blob/6f8c325f604e2576e2fe257b6b57892ca181509a/notional-wrapped-fcash/contracts/wfCashLogic.sol#L70
As a result,
_mintInternal()
whenisETH == true
will revert.