search

sherlock-audit / 2022-11-telcoin-judging

0 stars 0 forks source link

WATCHPUG - `FeeBuyback` native token can not be rescued #80

Open sherlock-admin opened 1 year ago

sherlock-admin commented 1 year ago

WATCHPUG

medium

FeeBuyback native token can not be rescued

Summary

Lack of methods to rescue native tokens trapped in the FeeBuyback contract.

Vulnerability Detail

Like ERC20 tokens, the native token may also get stuck in the FeeBuyback contract for all sorts of reasons.

For example, at L77, the _aggregator is called with a msg.value, which means that the native token can be used as an inToken for the swap. Therefore, part of the input native token can be sent back to the FeeBuyback contract as a leftover.

However, the current implementation of rescueERC20() only supports rescue ERC20 tokens.

Impact

The leftover native tokens trapped in the contract can not be rescued.

Code Snippet

https://github.com/sherlock-audit/2022-11-telcoin/blob/main/contracts/fee-buyback/FeeBuyback.sol#L77-L78

https://github.com/sherlock-audit/2022-11-telcoin/blob/main/contracts/fee-buyback/FeeBuyback.sol#L94-L97

Tool used

Manual Review

Recommendation

Consider adding support to rescue native tokens.

amshirif commented 1 year ago

https://github.com/telcoin/telcoin-staking/pull/10

jack-the-pug commented 1 year ago

Fix confirmed