Potential Revert on Insufficient Balance Transactions

Summary

In the _withdraw function, if the contract doesn't have enough tokens, trying to transfer them with _asset.safeTransfer will make the transaction fail.

Vulnerability Detail

In the _withdraw function, the contract attempts to transfer tokens using _asset.safeTransfer. If the contract does not have enough balance to fulfill the transfer, the safeTransfer function will cause the transaction to revert.

Impact

It could lead to unexpected transaction failures.

Code Snippet

function _withdraw(address _receiver, uint256 _assets) internal {
    // The vault accumulates dust from rounding errors over time, so if we can fulfill the withdrawal from the
    // latent balance, we don't need to redeem any yield vault shares.
    uint256 _latentAssets = _asset.balanceOf(address(this));
    if (_assets > _latentAssets) {
        // The latent balance is subtracted from the withdrawal so we don't withdraw more than we need.
        uint256 _yieldVaultShares = yieldVault.previewWithdraw(_assets - _latentAssets);
        // Assets are sent to this contract so any leftover dust can be redeposited later.
        yieldVault.redeem(_yieldVaultShares, address(this), address(this));
    }
    if (_receiver != address(this)) {
        _asset.safeTransfer(_receiver, _assets);
    }
}

https://github.com/sherlock-audit/2024-05-pooltogether/blob/main/pt-v5-vault/src/PrizeVault.sol#L1054C1-L1067C6

Tool used

Manual Review

Recommendation

Check balance before transfer.

sherlock-admin4 commented 2 months ago

1 comment(s) were left on this issue during the judging contest.

infect3d commented:

expected

nevillehuang commented 2 months ago

Invalid, if contract does not have sufficient tokens, it is correct to revert

sherlock-audit / 2024-05-pooltogether-judging

newt - Potential Revert on Insufficient Balance Transactions #78