Users may be unable to withdraw from their `Requestor` contract

Summary

When withdrawing leftover ETH from Requestor.sol, the contract uses Solidity’s unsafe transfer() to transfer the ETH to the caller.

Vulnerability Detail

This function is known to have some critical drawbacks when the recipient of the funds is a smart contract, which can render ETH impossible to unlock. Specifically, the transfer may fail when the smart contract implements a payable fallback function that would use more than 2300 gas units.

Impact

Users lose funds leftover in the Requestor.sol contract.

Code Snippet

https://github.com/sherlock-audit/2024-05-pooltogether/blob/1aa1b8c028b659585e4c7a6b9b652fb075f86db3/pt-v5-rng-witnet/src/Requestor.sol#L36-L40

Tool used

Manual Review

Recommendation

Use .call() instead of .transfer():

(bool success, ) = payable(_to).call{value: balance}("");
require(success, "Transfer failed.");

Duplicate of #80

sherlock-audit / 2024-05-pooltogether-judging

trachev - Users may be unable to withdraw from their `Requestor` contract #119

Users may be unable to withdraw from their `Requestor` contract

Summary

Vulnerability Detail

Impact

Code Snippet

Tool used

Recommendation

sherlock-audit / 2024-05-pooltogether-judging

trachev - Users may be unable to withdraw from their `Requestor` contract #119

Users may be unable to withdraw from their Requestor contract

Summary

Vulnerability Detail

Impact

Code Snippet

Tool used

Recommendation

Users may be unable to withdraw from their `Requestor` contract