hats-finance / Most--Aleph-Zero-Bridge-0xab7c1d45ae21e7133574746b2985c58e0ae2e61d

Aleph Zero bridge to Ethereum
Apache License 2.0
0 stars 1 forks source link

rebasing Tokens Incompatible with `eth::most` #11

Open hats-bug-reporter[bot] opened 7 months ago

hats-bug-reporter[bot] commented 7 months ago

Github username: @0xmahdirostami Twitter username: 0xmahdirostami Submission hash (on-chain): 0xdc5e623268598a3fb522fb35cea865c7d6a02b6a5e290ba94e9816ddec551676 Severity: medium

Description: Description\ The sendRequest function transfers tokens from msg.sender. However, some tokens have rebasing mechanisms, which means their balance changed by passing time. This inconsistency can cause sendRequestNative transactions to revert later on.

Impact\ Denial-of-Service (DoS) vulnerability in the sendRequestNative function.

krzysztofziobro commented 7 months ago

Invalid submission: A PoC is required for submission to be considered valid. You can create a new submission that contains a working PoC.