Closed sherlock-admin closed 8 months ago
2 comment(s) were left on this issue during the judging contest.
tsvetanovv commented:
Invalid. User mistake. See Sherlock documentation
takarez commented:
valid because { valid and a duplicate of issue 013}
m4ttm
high
Excess funds are lost when using sendMessage
Summary
sendMessage
is used to bridge a transaction of arbitrary data to a given recipient. A fee is calculated but if excess Ether is sent, it will not be returned.Vulnerability Detail
The user can send an arbitrary amount of Ether to
sendMessage
and there is a single check to determine that it exceeds the required fee. No excess is returned.Impact
Since
onAvailMessage
is not payable, it is assumed that the recipient does not get these funds with the message. The sender will pay a higher fee for no apparent reason.Code Snippet
https://github.com/sherlock-audit/2023-12-avail/blob/1afb56b8d4dfbf5d3f21bed0ddf80a04730204b5/contracts/src/AvailBridge.sol#L300-L321
Tool used
Manual Review
Recommendation
Calculate the excess fee paid and return it.