In AvailBridge.sol, the contract doesn't record the amount of ETH/ERC20 should be crossed, if the dest chain fails to receive ETH/ERC20, the ETH/ERC20 transferred in the src chain will be lost.
Impact
In AvailBridge.sol, while transfer ETH/ERC20 to dest, if the dest can't handle the ETH/ERC20, the ETH/ERC20 will be stucked.
jasonxiale
medium
assets might be stuck in the AvailBridge
Summary
assets might be stuck in the
AvailBridge.sol
Vulnerability Detail
In
AvailBridge.sol
, the contract doesn't record the amount of ETH/ERC20 should be crossed, if the dest chain fails to receive ETH/ERC20, the ETH/ERC20 transferred in the src chain will be lost.Impact
In
AvailBridge.sol
, while transfer ETH/ERC20 todest
, if the dest can't handle the ETH/ERC20, the ETH/ERC20 will be stucked.Code Snippet
I will take AvailBridge.receiveETH as an example to demonstrate, ERC20 has the same issue. https://github.com/sherlock-audit/2023-12-avail/blob/main/contracts/src/AvailBridge.sol#L238-L263
In above code, while the contract fails to transfer ETH, the function will emit a event
But in the event, there is no information about the amount of ETH being sent.
On the other hand, when looking into
AvailBridge.sendETH
: https://github.com/sherlock-audit/2023-12-avail/blob/main/contracts/src/AvailBridge.sol#L355-L374 The contract doesn't record the amount of ETH be sent tooSo if dest fails to receive ETH, the protocol doesn't know the amount of the ETH to refund to the
msg.sender
even he wants.Tool used
Manual Review
Recommendation