returnVaultAssets transfers ETH with .send, which forwards a fixed 2300-gas stipend and returns false instead of reverting when the recipient cannot accept the value in that budget. A recipient contract whose receive or fallback does anything beyond trivial work cannot take the transfer, and the function has no fallback path for a failed send, so the ETH can be stranded.
Lines of code
https://github.com/code-423n4/2024-06-thorchain/blob/e3fd3c75ff994dce50d6eb66eb290d467bd494f5/chain/ethereum/contracts/THORChain_Router.sol#L408-L426
Vulnerability details
Impact
The use of .send for transferring ETH in the returnVaultAssets function poses significant risks due to its fixed gas stipend of 2300 gas. That stipend covers little more than emitting an event: any recipient contract whose receive or fallback function changes storage or forwards the call elsewhere (a multisig, a proxy, a smart-contract wallet) will run out of gas, and the transfer fails. Unlike transfer, .send does not revert in that case; it returns false and leaves the caller responsible for handling the failure. The current implementation does not provide a fallback mechanism for a failed send, so the ETH supplied with the call can end up locked in the router or otherwise lost.
Code snippet
https://github.com/code-423n4/2024-06-thorchain/blob/e3fd3c75ff994dce50d6eb66eb290d467bd494f5/chain/ethereum/contracts/THORChain_Router.sol#L408C1-L426C4
Tools Used
Manual Review
Recommended Mitigation Steps
Replace .send with .call, check the boolean it returns and revert on failure so a transfer that cannot complete is never silently dropped. Because .call forwards all remaining gas, the recipient is able to re-enter the router, so the function must follow the checks-effects-interactions pattern correctly: perform every state change (allowance adjustments, event emission) before the external call, and keep reentrancy protection on the function.
Assessed type
ETH-Transfer
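The following is an added illustration of the failure mode described under Impact and of the fix recommended above; it is not THORChain code. The contracts StatefulVault, RouterWithSend, RouterWithCall and Demo, and the EthTransferFailed error, are hypothetical names, and returnVaultAssets is reduced to its ETH-forwarding part (the real function also takes router, coins and memo parameters and adjusts token allowances). StatefulVault stands in for a recipient whose receive writes storage, which a 2300-gas stipend cannot pay for; RouterWithSend reproduces the .send pattern, RouterWithCall the .call plus checks-effects-interactions pattern.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical recipient: a contract wallet or proxy that tallies what it
// receives. Changing a storage slot costs more than the 2300-gas stipend that
// .send forwards, so receive() runs out of gas when reached through .send.
contract StatefulVault {
    uint256 public received;

    receive() external payable {
        received += msg.value; // SLOAD + SSTORE, well above 2300 gas
    }
}

// Vulnerable pattern (stand-in for the current returnVaultAssets): .send
// forwards 2300 gas and returns false on failure. The bool is ignored, so the
// transaction succeeds, the event claims a transfer that never happened, and
// msg.value stays in this contract with no function that can move it out.
contract RouterWithSend {
    event VaultReturned(address indexed asgard, uint256 amount);

    function returnVaultAssets(address payable asgard) external payable {
        emit VaultReturned(asgard, msg.value);
        asgard.send(msg.value); // return value unchecked: silent failure
    }
}

// Hardened pattern: .call forwards all remaining gas, the result is checked
// and a failure reverts, state changes precede the external call
// (checks-effects-interactions), and a reentrancy guard covers the window in
// which the recipient now has enough gas to call back into the router.
contract RouterWithCall {
    event VaultReturned(address indexed asgard, uint256 amount);

    error EthTransferFailed(address to, uint256 amount);

    uint256 private _locked = 1;

    modifier nonReentrant() {
        require(_locked == 1, "reentrant");
        _locked = 2;
        _;
        _locked = 1;
    }

    function returnVaultAssets(address payable asgard) external payable nonReentrant {
        // Effects first: record the transfer before handing control away.
        emit VaultReturned(asgard, msg.value);
        // Interaction last, with the result checked so a failure reverts
        // and the ETH returns to the caller instead of sitting here.
        (bool ok, ) = asgard.call{value: msg.value}("");
        if (!ok) revert EthTransferFailed(asgard, msg.value);
    }
}

// Driver: deploy and call run() with some ETH attached. It sends half of the
// value through each router to the same StatefulVault and reports how much
// ETH is left sitting in RouterWithSend versus how much the vault recorded
// receiving through RouterWithCall.
contract Demo {
    function run()
        external
        payable
        returns (uint256 strandedInSendRouter, uint256 receivedViaCall)
    {
        StatefulVault vault = new StatefulVault();
        RouterWithSend viaSend = new RouterWithSend();
        RouterWithCall viaCall = new RouterWithCall();

        uint256 half = msg.value / 2;
        viaSend.returnVaultAssets{value: half}(payable(address(vault)));
        viaCall.returnVaultAssets{value: half}(payable(address(vault)));

        strandedInSendRouter = address(viaSend).balance; // ETH that never left
        receivedViaCall = vault.received();              // ETH the vault got
    }
}
```

Running Demo.run with value attached shows the asymmetry the finding describes: the .send call completes without reverting, yet its half of the ETH remains in RouterWithSend, while the .call path delivers its half to the vault or reverts the whole call if it cannot. Wrapping the first call in a try block is not needed because .send never reverts on its own; that is precisely the problem. If the intended recipient were an EOA both paths behave the same, so the difference only surfaces for contract recipients, which is why an unchecked .send is easy to miss in testing.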