Closed code423n4 closed 1 year ago
Picodes marked the issue as satisfactory
Picodes marked the issue as primary issue
Picodes marked the issue as unsatisfactory: Invalid
Picodes marked the issue as nullified
Picodes marked the issue as not nullified
SD transfers are boolean checked.
manoj9april marked the issue as sponsor disputed
Picodes marked the issue as unsatisfactory: Invalid
Lines of code
https://github.com/code-423n4/2023-06-stader/blob/main/contracts/SDCollateral.sol#L47-L49
https://github.com/code-423n4/2023-06-stader/blob/main/contracts/SDCollateral.sol#L68-L70
Vulnerability details
Impact
Some tokens do not return the success of the token submission. Since we don’t know for sure how the SD token is implemented, we need to take this into account.
Proof of Concept
A detailed example is listed in: https://github.com/d-xo/weird-erc20#missing-return-value
Tools Used
Manual audit
Recommended Mitigation Steps
Use safeTransfer from the OpenZeppelin library
Assessed type
Token-Transfer
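
The two patterns discussed in this thread, a boolean-checked `transfer` and a safeTransfer-style wrapper, shown against a token that returns no value. This is an added example, not code from the Stader repository or from the report's author; `NoReturnToken`, `TransferPatterns` and the `IERC20Like` interface are hypothetical names, and `tolerant` is a hand-written helper that follows the same approach as OpenZeppelin's `SafeERC20`.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.16;

// Added illustration: every name below is hypothetical.
interface IERC20Like {
    function transfer(address to, uint256 amount) external returns (bool);
}

// Constructed token of the "missing return value" kind: it moves balances
// but its transfer() declares no return value, so it returns zero bytes.
contract NoReturnToken {
    mapping(address => uint256) public balanceOf;

    constructor() {
        balanceOf[msg.sender] = 1_000 ether;
    }

    function transfer(address to, uint256 amount) external {
        balanceOf[msg.sender] -= amount; // checked arithmetic reverts on underflow
        balanceOf[to] += amount;
    }
}

// Must hold a token balance itself: it is msg.sender in the token call.
contract TransferPatterns {
    // Boolean-checked high-level call. With a standard token, a `false`
    // return is caught by the require. With NoReturnToken, the ABI decoder
    // expects 32 bytes of return data, receives none, and the whole call
    // reverts, so the failure is loud rather than silent.
    function booleanChecked(address token, address to, uint256 amount) external {
        require(IERC20Like(token).transfer(to, amount), "transfer failed");
    }

    // safeTransfer-style call: accepts either no return data or a `true`
    // boolean, and rejects a reverted call or an explicit `false`.
    function tolerant(address token, address to, uint256 amount) external {
        // A low-level call to an address without code succeeds with empty
        // return data, so check for code first.
        require(token.code.length > 0, "token is not a contract");
        (bool ok, bytes memory ret) = token.call(
            abi.encodeWithSelector(IERC20Like.transfer.selector, to, amount)
        );
        require(ok, "token call reverted");
        require(ret.length == 0 || abi.decode(ret, (bool)), "transfer returned false");
    }
}
```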