Closed code423n4 closed 2 years ago
sponsor confirmed
This is incorrect; the Yieldy transfer call definitely reverts if it fails.
Take a look at the solidity compiler version.
I still think it will be good to explicitly check this instead of relying on the compiler version, to make it more future-proof (even though it most likely won't be affected).
Lines of code
https://github.com/code-423n4/2022-06-yieldy/blob/524f3b83522125fb7d4677fa7a7e5ba5a2c0fe67/src/contracts/Migration.sol#L48
Vulnerability details
Impact
Yieldy.transferFrom() returns false on failure instead of reverting. This might lead to moveFundsToUpgradedContract() incorrectly unstaking and restaking tokens, potentially causing users or Migration.sol to lose funds, depending on the NEW_CONTRACT and OLD_CONTRACT implementations.
Proof of Concept
https://github.com/code-423n4/2022-06-yieldy/blob/524f3b83522125fb7d4677fa7a7e5ba5a2c0fe67/src/contracts/Migration.sol#L48-L52
No check for the boolean return value from transferFrom().
Tools Used
Manual Review
Recommended Mitigation Steps
Implement a check on the return value of transferFrom().
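The pattern this finding describes, as an added illustration that is not the Yieldy project's code: a migration-style contract that discards the boolean from transferFrom() beside one that requires it. The IERC20Like interface, the MigrationExample contract and its function names are assumptions; only NEW_CONTRACT, OLD_CONTRACT and transferFrom() come from the report.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Minimal ERC20 surface needed for the example (assumed, not the Yieldy interface).
interface IERC20Like {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

// Hypothetical stand-in for Migration.sol, written to show the check in isolation.
contract MigrationExample {
    IERC20Like public immutable OLD_CONTRACT; // assumed: token being migrated away from
    address public immutable NEW_CONTRACT;    // assumed: upgraded contract receiving funds

    constructor(IERC20Like oldContract, address newContract) {
        OLD_CONTRACT = oldContract;
        NEW_CONTRACT = newContract;
    }

    // Pattern from the finding: the return value is ignored. A token that signals
    // failure by returning false (rather than reverting) lets execution continue
    // as though the tokens had arrived, so any later unstake/restake step would
    // operate on a balance this contract never received.
    function moveFundsUnchecked(uint256 amount) external {
        OLD_CONTRACT.transferFrom(msg.sender, address(this), amount);
        // ... unstake / restake into NEW_CONTRACT would follow here
    }

    // Mitigation from the report: require the boolean so a false result halts
    // the migration instead of silently proceeding.
    function moveFundsChecked(uint256 amount) external {
        bool ok = OLD_CONTRACT.transferFrom(msg.sender, address(this), amount);
        require(ok, "Migration: transferFrom returned false");
        // ... continue only once the tokens are actually held by this contract
    }
}
```

OpenZeppelin's SafeERC20.safeTransferFrom performs the same return-value check and additionally tolerates tokens whose transferFrom returns no value at all, so it is the usual drop-in when the token implementation is not under the caller's control.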