Closed c4-submissions closed 10 months ago
141345 marked the issue as sufficient quality report
a2rocket (sponsor) disputed
specifying a gaslimit is optional.
The Warden specifies that a gas limit should be enforced on a native transaction yet fails to specify how this could lead to a vulnerability.
In this particular case, the native transfer is performed in an emergency function whose sole purpose is to simply perform the transfer, meaning the submission is invalid.
alex-ppg marked the issue as unsatisfactory: Invalid
Lines of code
https://github.com/code-423n4/2023-10-nextgen/blob/main/smart-contracts/MinterContract.sol#L461
Vulnerability details
The use of .call{value: balance}("") does not limit the gas sent along with the Ether, potentially allowing all gas in the transaction to be used by the receiver.
Assessed type
Invalid Validation