Closed sherlock-admin2 closed 8 months ago
1 comment(s) were left on this issue during the judging contest.
takarez commented:
invalid because { invalid: the function give the ability for the sender to put the recipient address; its now his responsibility to make sure that the recipient can recieve those tokens}
ravikiran.web3
high
AvailBridge::sendAVAIL() could result in caller losing of Avail in the AvailBridge contract on Ethereum blockchain
Summary
sendAVAIL() function provides for sending Avail tokens from Ethereum to Avail blockchain. In Avail, the tokens should be native tokens and hence the receipient account should have the ability to receive the tokens.
In the case where receipient is a smart contract with out the ability to receive native tokens, the queued message cannot be processed on the avail blockchain. But, on the other hand, the avail tokens are already burnt in the Ethereum blockchain resulting in losing of those tokens permanently.
[Smart contracts with out receive, fallback or payable functions cannot receive the native tokens. Assuming receipient in the message is a smart contract without receive, fallback functions and hence message will not be processed successfully]
Vulnerability Detail
Smart contracts with out receive, fallback functions cannot receive native tokens. So, when Avail is send from Ethereum Bridge to Avail bridge with, the Avail tokens are burnt on the Ethereum blockchain. On processing of the message by the light weight client, the avail tokens should be credited to the receipient account. But due to lack of support to receive the native token, the actually crediting of tokens in the destination blockchain will fail.
So, the tokens burnt on the source blockchain will be lost. There is no provision to recover such tokens.
Impact
Loss of tokens, funds in the cross chain transfers,
Code Snippet
https://github.com/sherlock-audit/2023-12-avail/blob/main/contracts/src/AvailBridge.sol#L329C14-L349
In the sendAVAIL() function, the avail tokens are burnt on the ethereum blockchain as below.
Tool used
Manual Review
Recommendation
The issue is complex as the dynamics of two blockchains comes into play. The suggestion is to provision a revert in the Avail side and sent back the tokens the sender account.