Users may be unable to withdraw from their Requestor contract
Summary
When withdrawing leftover ETH from Requestor.sol, the contract uses Solidity’s unsafe transfer() to transfer the ETH to the caller.
Vulnerability Detail
This function is known to have some critical drawbacks when the recipient of the funds is a smart contract, which can render ETH impossible to unlock. Specifically, the transfer may fail when the smart contract implements a payable fallback function that would use more than 2300 gas units.
Impact
Users lose funds leftover in the Requestor.sol contract.
trachev
medium
Users may be unable to withdraw from their
Requestor
contractSummary
When withdrawing leftover ETH from
Requestor.sol
, the contract uses Solidity’s unsafetransfer()
to transfer the ETH to the caller.Vulnerability Detail
This function is known to have some critical drawbacks when the recipient of the funds is a smart contract, which can render ETH impossible to unlock. Specifically, the transfer may fail when the smart contract implements a payable fallback function that would use more than 2300 gas units.
Impact
Users lose funds leftover in the
Requestor.sol
contract.Code Snippet
https://github.com/sherlock-audit/2024-05-pooltogether/blob/1aa1b8c028b659585e4c7a6b9b652fb075f86db3/pt-v5-rng-witnet/src/Requestor.sol#L36-L40
Tool used
Manual Review
Recommendation
Use
.call()
instead of.transfer()
:Duplicate of #80