XO-Insufficient Token Balance Check in _sendPortfolio Function
Summary
The vulnerability is in the line of code that calls thesafeTransfer() function. This function will revert if the sender does not have enough tokens to send, the code does not check to see if the sender has enough tokens before calling thesafeTransfer() function. This means that it is possible for the function to send more tokens than the sender has, which will result in a loss of tokens
The _sendPortfolio() function is responsible for sending a specified amount of tokens to a designated receiver, it fails to include a crucial check to ensure that the sender possesses an adequate token balance before initiating the transfer, and the safeTransfer() function will revert if the sender does not have enough tokens to send and the code does not check to see if the sender has enough tokens before calling the safeTransfer() function. As a result, tokens may be sent even if the sender does not possess enough tokens to fulfill the transaction. This can lead to a loss of tokens for the sender.
Impact
The vulnerability can result in a loss of tokens for the sender, which can have a significant impact depending on the quantity of tokens involved.
XDZIBEC
medium
XO-Insufficient Token Balance Check in _sendPortfolio Function
Summary
The vulnerability is in the line of code that calls the
safeTransfer()
function. This function will revert if the sender does not have enoughtokens
to send, the code does not check to see if thesender
has enough tokens before calling thesafeTransfer()
function. This means that it is possible for the function to send moretokens
than the sender has, which will result in a loss of tokensVulnerability Detail
_sendPortfolio()
function is responsible for sending a specifiedamount
of tokens to a designated receiver, it fails to include a crucial check to ensure that the sender possesses an adequate token balance before initiating the transfer, and thesafeTransfer()
function will revert if the sender does not have enough tokens to send and the code does not check to see if the sender has enough tokens before calling thesafeTransfer()
function. As a result, tokens may be sent even if the sender does not possess enough tokens to fulfill the transaction. This can lead to a loss of tokens for the sender.Impact
Code Snippet
Tool used
Manual Review
Recommendation
_sendPortfolio()
function to see if the sender has enough tokens to send.