XDZIBEC - XO-Insufficient Token Balance Check in _sendPortfolio Function

[sherlock-admin]

XDZIBEC

medium

XO-Insufficient Token Balance Check in _sendPortfolio Function

Summary

• The vulnerability is in the line of code that calls thesafeTransfer() function. This function will revert if the sender does not have enough tokens to send, the code does not check to see if the sender has enough tokens before calling thesafeTransfer() function. This means that it is possible for the function to send more tokens than the sender has, which will result in a loss of tokens

  Vulnerability Detail

  */
  function _sendPortfolio(address token, address receiver, uint256 amount) internal virtual {
      AddressUtils.checkNotZero(token);
      AddressUtils.checkNotZero(receiver);
      _checkAmountPositive(amount);
      _require(receiver != address(this), Errors.RECEIVER_INVALID);
  
      uint256 portfolio = _getPortfolio(token);
      amount = amount.min(_getBalance(token) - portfolio);
  
      _require(amount > 0, Errors.POOL_BALANCE_INSUFFICIENT);
  
      _setPortfolio(token, portfolio + amount);
  
      IERC20(token).safeTransfer(receiver, amount);
  
      emit PortfolioSent(token, receiver, amount);
  }
  
  /**

• The _sendPortfolio() function is responsible for sending a specified amount of tokens to a designated receiver, it fails to include a crucial check to ensure that the sender possesses an adequate token balance before initiating the transfer, and the safeTransfer() function will revert if the sender does not have enough tokens to send and the code does not check to see if the sender has enough tokens before calling the safeTransfer() function. As a result, tokens may be sent even if the sender does not possess enough tokens to fulfill the transaction. This can lead to a loss of tokens for the sender.

  Impact

• The vulnerability can result in a loss of tokens for the sender, which can have a significant impact depending on the quantity of tokens involved.

  Code Snippet

• https://github.com/sherlock-audit/2023-04-unitasprotocol/blob/main/Unitas-Protocol/src/PoolBalances.sol#L82C1-L101C8

  Tool used

Manual Review

Recommendation

• Add a check to the _sendPortfolio() function to see if the sender has enough tokens to send.
• Add this line of code to check to see if the sender has enough tokens to send. If the sender does not have enough tokens, the function will revert.

  _require(_getBalance(token) >= amount, Errors.INSUFFICIENT_BALANCE);