search

code-423n4 / 2023-06-stader-findings

1 stars 1 forks source link

There is no check to see if eth was successfully sent from PermissionlessNodeRegistry to StaderInsuranceFund. #377

Closed code423n4 closed 1 year ago

code423n4 commented 1 year ago

Lines of code

https://github.com/code-423n4/2023-06-stader/blob/main/contracts/PermissionlessNodeRegistry.sol#L210-L212 https://github.com/code-423n4/2023-06-stader/blob/main/contracts/StaderInsuranceFund.sol#L36-L38

Vulnerability details

Impact

Eth may not complete successfully. As a result, StaderInsuranceFund will not receive collateral.

Tools Used

Manual audit

Recommended Mitigation Steps

Add to StaderInsuranceFund.depositFund() function: if(msg.value == 0) revert Error

Assessed type

ETH-Transfer

c4-judge commented 1 year ago

Picodes marked the issue as unsatisfactory: Invalid