sherlock-admin2
commented
9 months ago 1 comment(s) were left on this issue during the judging contest.
takarez commented:
valid because { This is a valid issue and a dupp of 008 with same impact }
Closed sherlock-admin2 closed 9 months ago
sherlock-admin2
commented
9 months ago 1 comment(s) were left on this issue during the judging contest.
takarez commented:
valid because { This is a valid issue and a dupp of 008 with same impact }
iberry
medium
Unhandled return value of rewardToken.transferFrom in topUp can lead to fund loss
Summary
Unhandled return value of rewardToken.transferFrom in topUp
Vulnerability Detail
RewardToken use transferFrom to transfer token don't safe because it don't check return value.ERC20 implementations are not always consistent. Some implementations of transfer and transferFrom could return ‘false’ on failure instead of reverting. It is safer to wrap such calls into require() statements or use safe wrapper functions implementing return value/data checks to handle these failures.
Impact
medium May be lead to fund loss for recipients .
Code Snippet
Bug exist at line 267 https://github.com/sherlock-audit/2024-01-telcoin/blob/main/telcoin-audit/contracts/telx/core/StakingRewardsManager.sol#L267-L272
Tool used
Manual Review
Recommendation
use safeTransferFrom to transfer
Duplicate of #8