Closed sherlock-admin2 closed 9 months ago
Invalid, as mentioned in contest details, FOT tokens are not supported
Are there any FEE-ON-TRANSFER tokens interacting with the smart contracts?
No
1 comment(s) were left on this issue during the judging contest.
pratraut commented:
'invalid as fee on transfer token is not in scope'
recursiveEth
high
Fee-on-transfer tokens aren't supported
Summary
Fee-on-transfer tokens aren't supported by the current escrow implementation
Vulnerability Detail
In VestingEscrowFactory.sol the amount variable is used to transfer the tokens to the address where the Escrow contract is deployed. https://github.com/sherlock-audit/2024-01-rio-vesting-escrow/blob/main/rio-vesting-escrow/src/VestingEscrowFactory.sol#L65 But the actual token transfer to the Escrow will be less than the amount which they are keeping track of, VestingEscrow:totalLocked(). It represents the amount of tokens locked inside the contract, which was assigned the value of amount in VestingEscrowFactory.sol at the time of deployment. This will cause the call to create a new instance of Escrow to trigger the following revert in VestingEscrow:initialize(). Suppose the totalLocked value is 5000, but the actual token value locked inside is 4900; this if statement causes a revert because the totalLocked balance will always be greater.
Impact
The protocol prevents the use of fee-on-transfer tokens without explicitly defining these conditions. The inability to do so doesn't require malicious action by either party and given the sponsor comment with regard to compatible tokens this doesn't appear to be addressed:
But, the organization could do whatever they want - just we would recommend against that."
Code Snippet
https://github.com/sherlock-audit/2024-01-rio-vesting-escrow/blob/main/rio-vesting-escrow/src/VestingEscrow.sol#L92
Tool used
Manual Review
Recommendation
Change the value passed to totalLocked while deploying VestingEscrowFactory from amount to the actual amount of tokens transferred to the Escrow. This is just a thought; there may be some other ways.
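The accounting mismatch this report describes, next to the balance-delta measurement its recommendation points to, as an added example that is not part of the original issue or the Rio codebase. The contract names `EscrowSketch` and `FactorySketch`, their functions and the custom errors are hypothetical; only the balance-versus-totalLocked check and the 5000/4900 figures come from the report.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added illustration: hypothetical names, not the Rio vesting escrow source.
interface IERC20 {
    function balanceOf(address account) external view returns (uint256);
    function transferFrom(address from, address to, uint256 value) external returns (bool);
}

contract EscrowSketch {
    IERC20 public token;
    uint256 public totalLocked;
    bool public initialized;

    error AlreadyInitialized();
    error InsufficientBalance(uint256 held, uint256 expected);

    function initialize(IERC20 token_, uint256 totalLocked_) external {
        if (initialized) revert AlreadyInitialized();
        // Same shape as the check the report describes: the escrow must
        // hold at least what it records as locked.
        uint256 held = token_.balanceOf(address(this));
        if (held < totalLocked_) revert InsufficientBalance(held, totalLocked_);
        initialized = true;
        token = token_;
        totalLocked = totalLocked_;
    }
}

contract FactorySketch {
    // Nominal accounting: records `amount`. If the token delivers 4900 of a
    // 5000 transfer, initialize() reverts with InsufficientBalance(4900, 5000).
    function deployNominal(IERC20 token, uint256 amount) external returns (EscrowSketch escrow) {
        escrow = new EscrowSketch();
        require(token.transferFrom(msg.sender, address(escrow), amount), "transfer failed");
        escrow.initialize(token, amount);
    }

    // Balance-delta accounting: records what actually arrived at the escrow.
    function deployMeasured(IERC20 token, uint256 amount) external returns (EscrowSketch escrow) {
        escrow = new EscrowSketch();
        uint256 balanceBefore = token.balanceOf(address(escrow));
        require(token.transferFrom(msg.sender, address(escrow), amount), "transfer failed");
        uint256 received = token.balanceOf(address(escrow)) - balanceBefore;
        escrow.initialize(token, received);
    }
}
```

With the measured variant the escrow's recorded total is the received amount, so the recipient vests less than the nominal figure the caller supplied.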