hats-finance / Most--Aleph-Zero-Bridge-0xab7c1d45ae21e7133574746b2985c58e0ae2e61d

Aleph Zero bridge to Ethereum
Apache License 2.0

Inconsistency in Handling WETH in `eth::most::receiveRequest` #13

Open hats-bug-reporter[bot] opened 5 months ago

hats-bug-reporter[bot] commented 5 months ago

Github username: @0xmahdirostami
Twitter username: 0xmahdirostami
Submission hash (on-chain): 0xdc5e623268598a3fb522fb35cea865c7d6a02b6a5e290ba94e9816ddec551676
Severity: high

Description
In the `eth::most::receiveRequest` function, there's a check `if (_destTokenAddress == wethAddress)`. However, this approach assumes that users can't send WETH because the `wethAddress` is used to differentiate between tokens and ETH.

Impact
Users might expect to receive WETH but will actually receive ETH instead. This could lead to unexpected behavior, especially for contracts that only accept tokens and not ETH.

Revised Code File (Optional)
Consider using a custom address to differentiate between ETH and other tokens, ensuring consistency in handling WETH transactions.
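
An added sketch, not part of the original submission and not code from the Most bridge, contrasting the dispatch the report describes with the dedicated-marker variant it recommends. The contract, interface and function names, the unwrap-then-send step, and the use of `address(0)` as the marker are assumptions; only `wethAddress` comes from the report.

```solidity
// SPDX-License-Identifier: Apache-2.0
pragma solidity ^0.8.20;

// Added illustration, not code from the Most bridge. Contract, interface and
// function names are hypothetical; only wethAddress appears in the report.
interface IERC20Like {
    function transfer(address to, uint256 amount) external returns (bool);
}

interface IWETHLike is IERC20Like {
    function withdraw(uint256 amount) external;
}

contract PayoutSketch {
    // Assumed sentinel for "pay native ETH": no token is deployed at address(0).
    address public constant NATIVE_ETH = address(0);
    address public immutable wethAddress;

    constructor(address weth) {
        wethAddress = weth;
    }

    // Needed so WETH.withdraw can send the unwrapped ETH to this contract.
    receive() external payable {}

    // Dispatch as the report describes it: the WETH address doubles as the
    // ETH marker, so a payout in WETH itself cannot be requested.
    function payoutOverloaded(address destToken, address to, uint256 amount) internal {
        if (destToken == wethAddress) {
            _unwrapAndSend(to, amount);
        } else {
            require(IERC20Like(destToken).transfer(to, amount), "token transfer failed");
        }
    }

    // Dispatch with a dedicated marker: WETH is paid out like any other token.
    function payoutWithSentinel(address destToken, address to, uint256 amount) internal {
        if (destToken == NATIVE_ETH) {
            _unwrapAndSend(to, amount);
        } else {
            require(IERC20Like(destToken).transfer(to, amount), "token transfer failed");
        }
    }

    function _unwrapAndSend(address to, uint256 amount) private {
        IWETHLike(wethAddress).withdraw(amount);
        (bool ok, ) = to.call{value: amount}("");
        require(ok, "ETH transfer failed"); // fails for recipients that reject ETH
    }
}
```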

krzysztofziobro commented 5 months ago

Invalid submission: A PoC is required for submission to be considered valid. You can create a new submission that contains a working PoC.