Closed code423n4 closed 1 year ago
https://github.com/PartyDAO/party-contracts-c4/blob/main/contracts/party/PartyGovernance.sol#L783-L796
PartyGovernance.targetAddress() makes a low-level call to send eth to a target address, however does not check if transaction is successful.
Manual review
Add a require check for success
Duplicate of #233
See dupe for context.
Merging with #308
Lines of code
https://github.com/PartyDAO/party-contracts-c4/blob/main/contracts/party/PartyGovernance.sol#L783-L796
Vulnerability details
Impact
PartyGovernance.targetAddress() makes a low-level call to send eth to a target address, however does not check if transaction is successful.
Proof of Concept
https://github.com/PartyDAO/party-contracts-c4/blob/main/contracts/party/PartyGovernance.sol#L783-L796
Tools Used
Manual review
Recommended Mitigation Steps
Add a require check for success