code-423n4 / 2024-03-pooltogether-findings


No check on ERC20 transfer #285

Closed c4-bot-9 closed 7 months ago

c4-bot-9 commented 7 months ago

Lines of code

https://github.com/code-423n4/2024-03-pooltogether/blob/main/pt-v5-vault/src/PrizeVault.sol#L939

Vulnerability details

Impact

Detailed description of the impact of this finding. Here we are not checking the return of the transfer function. We cannot know whether the transfer has happened or not.

Proof of Concept

Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept.

```solidity
if (_receiver != address(this)) {
@>  _asset.transfer(_receiver, _assets);
}
```

Tools Used

Recommended Mitigation Steps

```solidity
// transfer returns a single bool, so capture it directly
bool success = _asset.transfer(_receiver, _assets);
require(success, "Token transfer");
```

Assessed type

Token-Transfer
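The behaviour the report describes, as an added example that is not part of the original report or of the PrizeVault code: a token that returns `false` instead of reverting, paid out through an unchecked call and through a checked one. `IERC20Like`, `FalseOnFailToken`, `CheckedTransfer` and `PayoutDemo` are constructed names, and the checked helper goes beyond the report's `require` by also accepting tokens that return no data.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

interface IERC20Like {
    function transfer(address to, uint256 amount) external returns (bool);
}

// Constructed token: signals failure by returning false instead of reverting.
contract FalseOnFailToken is IERC20Like {
    mapping(address => uint256) public balanceOf;

    constructor(address holder, uint256 supply) {
        balanceOf[holder] = supply;
    }

    function transfer(address to, uint256 amount) external returns (bool) {
        if (balanceOf[msg.sender] < amount) return false; // no revert
        balanceOf[msg.sender] -= amount;
        balanceOf[to] += amount;
        return true;
    }
}

library CheckedTransfer {
    error TransferFailed();

    // Low-level call so tokens that return no data are accepted as well.
    function checkedTransfer(address token, address to, uint256 amount) internal {
        (bool ok, bytes memory ret) =
            token.call(abi.encodeCall(IERC20Like.transfer, (to, amount)));
        // A call to an address without code succeeds with empty data, so check code too.
        bool accepted = ok && token.code.length > 0
            && (ret.length == 0 || abi.decode(ret, (bool)));
        if (!accepted) revert TransferFailed();
    }
}

contract PayoutDemo {
    // Unchecked: a false return is dropped and the transaction still succeeds.
    function payUnchecked(IERC20Like asset, address receiver, uint256 assets) external {
        asset.transfer(receiver, assets);
    }

    // Checked: a false return (or a revert) aborts the whole transaction.
    function payChecked(IERC20Like asset, address receiver, uint256 assets) external {
        CheckedTransfer.checkedTransfer(address(asset), receiver, assets);
    }
}
```

With a `PayoutDemo` that holds fewer tokens than requested, `payUnchecked` completes without moving any balance while `payChecked` reverts with `TransferFailed`. OpenZeppelin's `SafeERC20.safeTransfer` is a widely used library implementation of the same check.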

c4-pre-sort commented 7 months ago

raymondfam marked the issue as insufficient quality report

c4-pre-sort commented 7 months ago

raymondfam marked the issue as duplicate of #22

c4-judge commented 7 months ago

hansfriese marked the issue as unsatisfactory: Out of scope