Closed (closed by sherlock-admin 8 months ago)
2 comments were left on this issue during the judging contest.
tsvetanovv commented:
Invalid. This is intended behavior because all fees are always sent to the fee recipient and the old feeRecipient is trusted
takarez commented:
invalid because { invalid : comment says "Callable by anyone because all fees are always sent to the recipient"}
dermaroller5
medium
WithdrawFees can be called by anyone which can lead to loss of funds.
Summary
In AvailBridge.sol the function withdrawFees allows anyone to place a withdrawal towards the feeRecipient. This in itself is not a problem at first glance, but could become a means to loss of funds.
Vulnerability Detail
If a malicious user gains access to the fee recipient, they have the ability to consistently withdraw fees to the recipient destination. This risk persists as long as the team has not changed the fee recipient, potentially resulting in an additional loss of funds or, in another example, causing hindrance to the team's funds.
Impact
Critical Example:
withdrawFees to old recipient: team loses out on additional funds.
Medium Example:
Regardless of the specific example chosen, the outcome remains consistent: it poses a hindrance at the very least and, in the worst-case scenario, leads to a potential loss of funds.
Code Snippet
https://github.com/sherlock-audit/2023-12-avail/blob/main/contracts/src/AvailBridge.sol#L162-L179
Tool used
Manual Review
Recommendation
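To make the pattern under discussion concrete, here is an illustrative Solidity contract. It is an added example, not the AvailBridge code and not from the submitter or the judges; the contract name FeeSink and the functions payFee, updateFeeRecipient and the owner variable are assumed names, while withdrawFees and feeRecipient are taken from the finding. It shows why the judges treat a permissionless withdrawFees as intended behaviour: the caller controls neither the destination nor the amount, only the owner can rotate feeRecipient, and the emitted event gives an operator something to monitor for withdrawals that land after a recipient should have been rotated.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Illustrative example only (not the AvailBridge contract): a fee-collecting
/// contract whose withdrawFees is permissionless but can only forward the
/// accrued balance to the currently configured feeRecipient.
contract FeeSink {
    address public owner;          // assumed: the team-controlled admin address
    address public feeRecipient;   // name taken from the finding above
    uint256 public fees;           // accumulated fees awaiting withdrawal

    event FeeRecipientUpdated(address indexed oldRecipient, address indexed newRecipient);
    event FeesWithdrawn(address indexed caller, address indexed recipient, uint256 amount);

    error NotOwner();
    error ZeroAddress();
    error NothingToWithdraw();
    error TransferFailed();

    constructor(address initialRecipient) {
        if (initialRecipient == address(0)) revert ZeroAddress();
        owner = msg.sender;
        feeRecipient = initialRecipient;
    }

    /// Assumed fee-paying entry point: whatever the caller sends accrues as fees.
    function payFee() external payable {
        fees += msg.value;
    }

    /// Only the owner can rotate the recipient. This is the control that bounds
    /// the "stale recipient" concern raised in the finding: once the team has
    /// updated feeRecipient, permissionless withdrawals can no longer reach the
    /// old address, so the exposure window is the time until the team rotates.
    function updateFeeRecipient(address newRecipient) external {
        if (msg.sender != owner) revert NotOwner();
        if (newRecipient == address(0)) revert ZeroAddress();
        emit FeeRecipientUpdated(feeRecipient, newRecipient);
        feeRecipient = newRecipient;
    }

    /// Callable by anyone, as in the finding. The caller chooses neither the
    /// destination nor the amount, so an arbitrary caller can only move the
    /// accrued fees to the configured recipient earlier than the team would have.
    function withdrawFees() external {
        uint256 amount = fees;
        if (amount == 0) revert NothingToWithdraw();
        fees = 0;                                   // effects before interaction
        (bool ok, ) = feeRecipient.call{value: amount}("");
        if (!ok) revert TransferFailed();
        emit FeesWithdrawn(msg.sender, feeRecipient, amount);
    }
}
```

The defensive takeaway is in the two events: an operator who indexes FeeRecipientUpdated and FeesWithdrawn can alert on any FeesWithdrawn whose recipient differs from the address the team currently expects, which is exactly the window the finding worries about, and the fix in that case is to rotate feeRecipient rather than to restrict who may call withdrawFees.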