Closed c4-submissions closed 10 months ago
raymondfam marked the issue as low quality report
raymondfam marked the issue as duplicate of #363
raymondfam marked the issue as not a duplicate
raymondfam marked the issue as duplicate of #470
alex-ppg marked the issue as unsatisfactory: Invalid
Lines of code
https://github.com/code-423n4/2023-10-brahma/blob/dd0b41031b199a0aa214e50758943712f9f574a0/contracts/src/core/ExecutorPlugin.sol#L68 https://github.com/code-423n4/2023-10-brahma/blob/dd0b41031b199a0aa214e50758943712f9f574a0/contracts/src/core/ExecutorPlugin.sol#L90
Vulnerability details
Impact
Detailed description of the impact of this finding.
Proof of Concept
executeTransaction in ExecutorPlugin is meant to execute transaction
but in _executeTxnAsModule
the code does not forward ETH when execute the transaction,
executeTransaction does not have payable keywords as well, meaning the plugin is not capable of attaching ETH when execute the transaction
Tools Used
Manual Review
Recommended Mitigation Steps
add payable keywords in function executeTransaction and forward the ETH when execute the transaction
Assessed type
ETH-Transfer