Closed sherlock-admin closed 8 months ago
rekxor
high
The function aims to enable AVAIL transfers from Avail to Ethereum
https://github.com/sherlock-audit/2023-12-avail/blob/main/contracts/src/AvailBridge.sol#L219 Incorrect Revert Condition: The vulnerability allows transactions with assetId equal to zero to proceed, contrary to the intended behavior.
assetId
The contract might allow transactions with non-zero assetId values that should have been rejected. This could lead to unexpected behavior.
if (assetId != 0x0) { revert InvalidAssetId(); }
Manual Review
To replace the vulnerable code snippet with the below code snippet:
if (assetId == 0x0) { revert InvalidAssetId(); }
1 comment(s) were left on this issue during the judging contest.
takarez commented:
invalid because {invalid: this is to ensure that its a native token(ETH in this case)}
rekxor
high
AvailBridge.sol :: receiveAVAIL() has a wrong check in the if condition L219
Summary
The function aims to enable AVAIL transfers from Avail to Ethereum
Vulnerability Detail
https://github.com/sherlock-audit/2023-12-avail/blob/main/contracts/src/AvailBridge.sol#L219 Incorrect Revert Condition: The vulnerability allows transactions with
assetId
equal to zero to proceed, contrary to the intended behavior.Impact
The contract might allow transactions with non-zero assetId values that should have been rejected. This could lead to unexpected behavior.
Tool used
Manual Review
Recommendation
To replace the vulnerable code snippet with the below code snippet: