check return value of transferfrom .

[c4-bot-1]

Lines of code

https://github.com/code-423n4/2024-02-althea-liquid-infrastructure/blob/main/liquid-infrastructure/contracts/LiquidInfrastructureERC20.sol#L418

Vulnerability details

Impact

Detailed description of the impact of this finding.

A call to transferFrom or transfer is frequently done without checking the results. For certain ERC20 tokens, if insufficient tokens are present, no revert occurs but a result of "false" is returned. So its important to check this. If you don't you could mint tokens without have received sufficient tokens to do so. So you could loose funds.

Proof of Concept

Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept.

nft.transferFrom(address(this), to, nft.AccountId());

Tools Used

Recommended Mitigation Steps

use safetransferfrom or safe transfer.

Assessed type

ERC20

[c4-pre-sort]

0xRobocop marked the issue as duplicate of #605

[c4-judge]

0xA5DF marked the issue as unsatisfactory: Out of scope