Lines of code
https://github.com/code-423n4/2022-07-axelar/blob/main/contracts/gas-service/AxelarGasService.sol#L12
https://github.com/code-423n4/2022-07-axelar/blob/main/contracts/gas-service/AxelarGasService.sol#L46
Vulnerability details
Impact
When a fee is collected on token transfers (as USDT can do), the code can fail. Note: rebasing/deflationary/inflationary underlying tokens, whose balances change during transfers or over time, have similar problems.
Suppose 100 USDT is transferred via safeTransferFrom() to the AxelarGasService contract, and a fee is applied (currently 0, but this might be changed in the future). Then you might receive 99.99 USDT. Now you try to use this gas (100 USDT); this will fail because the contract is 1 cent short.
Proof of Concept
https://github.com/code-423n4/2022-07-axelar/blob/main/contracts/gas-service/AxelarGasService.sol#L12
Tools Used
Code Review
Recommended Mitigation Steps
Consider checking the transferred amount by subtracting the before & after balance.
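A sketch of the before/after balance check recommended above, as an added example that is not code from the report or from the Axelar repository. The contract name, function names, event and errors are all hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.9;

// Minimal interface; only balanceOf is called through it.
interface IERC20Balance {
    function balanceOf(address account) external view returns (uint256);
}

// Hypothetical contract for illustration; not AxelarGasService itself.
contract ReceivedAmountExample {
    error TransferFailed();
    error NothingReceived();

    // Event name and fields are assumptions made for this example.
    event GasPaid(address indexed payer, address indexed token, uint256 requested, uint256 received);

    function payGas(address token, uint256 amount) external returns (uint256 received) {
        received = _pullTokens(token, msg.sender, amount);
        // Record what actually arrived, not what the caller requested.
        emit GasPaid(msg.sender, token, amount, received);
    }

    // Pulls `amount` from `from` and returns the balance delta actually credited.
    function _pullTokens(address token, address from, uint256 amount) internal returns (uint256 received) {
        uint256 balanceBefore = IERC20Balance(token).balanceOf(address(this));

        // Low-level call so tokens that return no value (as USDT does) are accepted.
        (bool ok, bytes memory ret) = token.call(
            abi.encodeWithSignature("transferFrom(address,address,uint256)", from, address(this), amount)
        );
        if (!ok || (ret.length != 0 && !abi.decode(ret, (bool)))) revert TransferFailed();

        uint256 balanceAfter = IERC20Balance(token).balanceOf(address(this));
        // With a fee on transfer, received < amount (99.99 instead of 100 in the scenario above).
        // Checked arithmetic in 0.8.x reverts if the balance somehow decreased.
        received = balanceAfter - balanceBefore;
        if (received == 0) revert NothingReceived();
    }
}
```

Any later refund or fee collection should be bounded by the recorded `received` value rather than the requested `amount`.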