search

sherlock-audit / 2023-10-aloe-judging

9 stars 6 forks source link

OxZ00mer - The functionality of payable(address).transfer will be compromised if the cost of SLOAD increases #123

Closed sherlock-admin2 closed 1 year ago

sherlock-admin2 commented 1 year ago

OxZ00mer

medium

The functionality of payable(address).transfer will be compromised if the cost of SLOAD increases

Summary

Any increase in the cost of the SLOAD opcode will cause native coin transfers with payable.transfer() to run out of gas and fail.

Vulnerability Detail

The payable.transfer() function forwards a fixed amount of 2300 gas. The gas cost of EVM instructions may change significantly during hard forks which may break already deployed contract systems that make fixed assumptions about gas costs. For example, EIP 1884 broke several existing smart contracts due to a cost increase of the SLOAD opcode from 200 to 800 gas units.

Read more about EIP-1884 here:

https://eips.ethereum.org/EIPS/eip-1884

Impact

The increase in the cost of the SLOAD opcode will render all payable.transfer() calls non-functional.

Code Snippet

https://github.com/sherlock-audit/2023-10-aloe/blob/main/aloe-ii/core/src/Borrower.sol#L283

https://github.com/sherlock-audit/2023-10-aloe/blob/main/aloe-ii/core/src/Borrower.sol#L434

Tool used

Manual Review

Recommendation

Consider changing all occurrences of payable.transfer() with address.call() with value in order to mitigate the issue.

recipient.call{ value: address(this).balance }();
sherlock-admin2 commented 1 year ago

2 comment(s) were left on this issue during the judging contest.

panprog commented:

low/info according to sherlock judging rules, refer to point 10: https://docs.sherlock.xyz/audits/judging/judging#vii.-list-of-issue-categories-that-are-not-considered-valid

MohammedRizwan commented:

valid

haydenshively commented 1 year ago

Low/informational, as pointed out by panprog