Closed code423n4 closed 2 years ago
We intentionally dont plan to work with 777 tokens out of security concerns (same as most of our integrated protocols).
https://github.com/code-423n4/2022-07-swivel/blob/main/Swivel/Swivel.sol#L125
I agree; this is a global comment with respect to the possibility for an ERC777 to spoof an ERC-20. I believe this issue is informational at best. You could consider adding nonReentrant
modifier to the higher-order initiate
to avoid unexpected callbacks.
Grouping this with the warden’s QA report, #143
Lines of code
https://github.com/code-423n4/2022-07-swivel/blob/main/Swivel/Swivel.sol#L125
Vulnerability details
Impact
If underlying is a ERC777 token
msg.sender
will not be able to fulfill order if grieffero.maker
decides revert execution on transfer receival.Proof of Concept
If underlying is a ERC777 token
o.maker
gets control of executionSafe.transferFrom(uToken, msg.sender, o.maker, a);
and is able to revert transaction.https://github.com/code-423n4/2022-07-swivel/blob/main/Swivel/Swivel.sol#L125
Tools Used
Manual Review
Recommended Mitigation Steps
Have
o.maker
withdraw his underlying instead of transferring it to them.