search

sherlock-audit / 2023-02-blueberry-judging

12 stars 5 forks source link

saian - BlueBerryBank lend and withdrawLend will revert if fee is 0 #358

Closed github-actions[bot] closed 1 year ago

github-actions[bot] commented 1 year ago

saian

false

BlueBerryBank lend and withdrawLend will revert if fee is 0

Summary

BlueBerryBank lend and withdraw functions will revert if fee is set to 0 and erc20 token revert on 0 token amount transfer

Vulnerability Detail

In lend and withdrawlend functions, a fee is taken from the amount deposited and withdraw. If the fee is set to 0, then the function will transfer a 0 fee amount to the treasury. If the erc20 token reverts on 0 token transfer, then the functions will revert.

Impact

lend and withdrawlend functions will revert for erc20 tokens that revert on zero token transfer

Code Snippet

https://github.com/sherlock-audit/2023-02-blueberry/blob/main/contracts/BlueBerryBank.sol#L892

    function doCutDepositFee(address token, uint256 amount)
        internal
        returns (uint256)
    {
        if (config.treasury() == address(0)) revert NO_TREASURY_SET();
        uint256 fee = (amount * config.depositFee()) / DENOMINATOR;
        IERC20Upgradeable(token).safeTransfer(config.treasury(), fee);
        return amount - fee;
    }

    function doCutWithdrawFee(address token, uint256 amount)
        internal
        returns (uint256)
    {
        if (config.treasury() == address(0)) revert NO_TREASURY_SET();
        uint256 fee = (amount * config.withdrawFee()) / DENOMINATOR;
        IERC20Upgradeable(token).safeTransfer(config.treasury(), fee);
        return amount - fee;
    }

Tool used

Manual Review

Recommendation

If fee amount is 0, skip token transfer

    function doCutDepositFee(address token, uint256 amount)
        internal
        returns (uint256)
    {
        if (config.treasury() == address(0)) revert NO_TREASURY_SET();
        uint256 fee = (amount * config.depositFee()) / DENOMINATOR;
        if(fee > 0)
            IERC20Upgradeable(token).safeTransfer(config.treasury(), fee);
        return amount - fee;
    }

    function doCutWithdrawFee(address token, uint256 amount)
        internal
        returns (uint256)
    {
        if (config.treasury() == address(0)) revert NO_TREASURY_SET();
        uint256 fee = (amount * config.withdrawFee()) / DENOMINATOR;
        if(fee > 0)
            IERC20Upgradeable(token).safeTransfer(config.treasury(), fee);
        return amount - fee;
    }