Lack of methods to rescue native tokens trapped in the FeeBuyback contract.
Vulnerability Detail
Like ERC20 tokens, the native token may also get stuck in the FeeBuyback contract for all sorts of reasons.
For example, at L77, the _aggregator is called with a msg.value, which means that the native token can be used as an inToken for the swap. Therefore, part of the input native token can be sent back to the FeeBuyback contract as a leftover.
However, the current implementation of rescueERC20() only supports rescue ERC20 tokens.
Impact
The leftover native tokens trapped in the contract can not be rescued.
WATCHPUG
medium
FeeBuyback
native token can not be rescuedSummary
Lack of methods to rescue native tokens trapped in the
FeeBuyback
contract.Vulnerability Detail
Like ERC20 tokens, the native token may also get stuck in the
FeeBuyback
contract for all sorts of reasons.For example, at L77, the
_aggregator
is called with amsg.value
, which means that the native token can be used as an inToken for the swap. Therefore, part of the input native token can be sent back to the FeeBuyback contract as a leftover.However, the current implementation of
rescueERC20()
only supports rescue ERC20 tokens.Impact
The leftover native tokens trapped in the contract can not be rescued.
Code Snippet
https://github.com/sherlock-audit/2022-11-telcoin/blob/main/contracts/fee-buyback/FeeBuyback.sol#L77-L78
https://github.com/sherlock-audit/2022-11-telcoin/blob/main/contracts/fee-buyback/FeeBuyback.sol#L94-L97
Tool used
Manual Review
Recommendation
Consider adding support to rescue native tokens.