sherlock-audit / 2024-08-saffron-finance-judging


tmotfl - Some users are not able to withdraw `variableToPendingWithdrawalAmount` #162

Open sherlock-admin2 opened 2 months ago

sherlock-admin2 commented 2 months ago

tmotfl

High

Some users are not able to withdraw variableToPendingWithdrawalAmount

Summary

withdrawAmountVariablePending will fail in the worst case

Vulnerability Detail

In the function withdrawAmountVariablePending, it uses transfer to send variableToPendingWithdrawalAmount[msg.sender] to msg.sender:

  function withdrawAmountVariablePending() public {
    uint256 amount = variableToPendingWithdrawalAmount[msg.sender];
    variableToPendingWithdrawalAmount[msg.sender] = 0;
    payable(msg.sender).transfer(amount);
  }

But the problem is that, according to the Solidity docs, when using the function transfer, the call to the receiver's fallback or receive function is limited to 2300 gas. This means that if the receiver is a contract that has a receive() or fallback() function that consumes more than 2300 gas, it will revert, leaving the user unable to claim the withdrawal request.

Impact

Users are not able to call withdrawAmountVariablePending in the worst case

Code Snippet

https://github.com/sherlock-audit/2024-08-saffron-finance/blob/38dd9c8436db341c331f1b14545770c1766fc0ee/lido-fiv/contracts/LidoVault.sol#L656

Tool used

Manual Review

Recommendation

Use call() instead of transfer()
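
One way to apply the recommendation above, as an added example that is not code from LidoVault or from the finding's author. Only `variableToPendingWithdrawalAmount` and `withdrawAmountVariablePending` come from the report; the contract name, the `creditPending` helper, the custom errors, the reentrancy lock and the compiler version are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.18; // assumed compiler version

/// Added sketch, not the project's contract.
contract PendingWithdrawalSketch {
    mapping(address => uint256) public variableToPendingWithdrawalAmount;

    error NothingToWithdraw();
    error EthTransferFailed();

    // Minimal reentrancy lock (1 = free, 2 = held). Needed because call()
    // forwards all remaining gas, unlike transfer().
    uint256 private locked = 1;

    modifier nonReentrant() {
        require(locked == 1, "reentrant call");
        locked = 2;
        _;
        locked = 1;
    }

    /// Hypothetical helper so the sketch can be exercised: credits msg.value to `user`.
    function creditPending(address user) external payable {
        variableToPendingWithdrawalAmount[user] += msg.value;
    }

    function withdrawAmountVariablePending() public nonReentrant {
        uint256 amount = variableToPendingWithdrawalAmount[msg.sender];
        // Added guard, not in the original function.
        if (amount == 0) revert NothingToWithdraw();

        // Effects before interaction: zero the balance first, as the original does.
        variableToPendingWithdrawalAmount[msg.sender] = 0;

        // call forwards the remaining gas, so a receiver whose receive() or
        // fallback() needs more than the 2300-gas stipend no longer reverts.
        (bool ok, ) = payable(msg.sender).call{value: amount}("");
        // Check the return value: a failed call does not revert on its own.
        if (!ok) revert EthTransferFailed();
    }
}
```

Because a failed `call` only returns `false`, dropping the `ok` check would zero the user's pending amount without sending any ETH.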