Closed sherlock-admin closed 8 months ago
kgothatso
high
AvailBridge :: sendERC20
if sendERC20 sends eth to a contract address that does not accept eth the transaction will not sends the funds to to the recipient address
sendERC20
recipient
contract may not have a fallback function recipient and will revert
transaction will not send funds to
https://github.com/sherlock-audit/2023-12-avail/blob/main/contracts/src/AvailBridge.sol#L383
Manual Review
check if transaction failed before emit an event and use the funds as deposits from the same recipient
1 comment(s) were left on this issue during the judging contest.
takarez commented:
invalid because { invalid: admin set who the recipient would be}
kgothatso
high
AvailBridge :: sendERC20
can revert transaction if receive address is a contract and cause a DOS attackSummary
if
sendERC20
sends eth to a contract address that does not accept eth the transaction will not sends the funds to to therecipient
addressVulnerability Detail
contract may not have a fallback function
recipient
and will revertImpact
transaction will not send funds to
Code Snippet
https://github.com/sherlock-audit/2023-12-avail/blob/main/contracts/src/AvailBridge.sol#L383
Tool used
Manual Review
Recommendation
check if transaction failed before emit an event and use the funds as deposits from the same
recipient