Code4rena: 2021-07-wildcredit findings, issue #94
Jul 14, 2021

The safe versions of transfer/transferFrom are not implemented as expected

Code4rena (github.com)

Handle

0xRajeev

Vulnerability details

Impact

The “safe” versions of token transfer/transferFrom, as implemented by OpenZeppelin’s SafeERC20 or Uniswap’s TransferHelper library, use a low-level call and inspect the return data: an empty return is accepted, to handle tokens that return nothing from transfer/transferFrom (USDT being the best-known example), and when data is returned it must decode to a boolean whose value is true. Because a low-level call does not revert on its own, the libraries also require the call’s success flag to be set.

The safeTransfer() and safeTransferFrom() functions implemented here do not do that. They are plain wrappers around the token’s transfer/transferFrom, called through an interface that declares a bool return value, followed by a check of that boolean. For tokens that return no data, the compiler-generated check on the size of the return data fails before the boolean is ever examined, so the wrappers revert instead of working as expected, even though the underlying transfer succeeded.

Proof of Concept

https://github.com/code-423n4/2021-07-wildcredit/blob/82c48d73fd27a9d4d5d4a395b3affcef4ef6c5c8/contracts/LendingPair.sol#L468-L474

https://github.com/OpenZeppelin/openzeppelin-contracts/blob/3935b907d40c9a23b04b721c2f61758df1caf722/contracts/token/ERC20/utils/SafeERC20.sol#L20-L97

https://github.com/Uniswap/uniswap-lib/blob/c01640b0f0f1d8a85cba8de378cc48469fcfd9a6/contracts/libraries/TransferHelper.sol#L6-L51

Tools Used

Manual Analysis

Recommended Mitigation Steps

Re-evaluate the function implementations in the context of the OpenZeppelin SafeERC20 and Uniswap TransferHelper versions: perform the transfer via a low-level call, require the call to succeed, accept an empty return, and when return data is present require it to decode to true. Alternatively, use one of those libraries directly rather than a hand-rolled wrapper.
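The difference described in the Impact section and the mitigation above, as an added example that is neither the WildCredit LendingPair code nor the OpenZeppelin/Uniswap library source: a constructed token whose transfer returns no data (the behaviour USDT exhibits), a wrapper in the pattern this finding describes, and a low-level-call version in the style of SafeERC20/TransferHelper. All contract and function names (NoReturnToken, WrapperComparison, requireBoolTransfer, lowLevelSafeTransfer) are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added example; not the WildCredit code or the OZ/Uniswap libraries.
// Interface the high-level wrapper calls through: it declares `returns (bool)`,
// so the compiler expects 32 bytes of return data.
interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

// Constructed token that mimics the USDT pattern: the transfer succeeds but the
// function declares no return value, so returndatasize() is 0 after the call.
contract NoReturnToken {
    mapping(address => uint256) public balanceOf;

    constructor() {
        balanceOf[msg.sender] = 1_000e6; // hypothetical supply, 6 decimals like USDT
    }

    function transfer(address to, uint256 amount) external {
        require(balanceOf[msg.sender] >= amount, "insufficient balance");
        balanceOf[msg.sender] -= amount;
        balanceOf[to] += amount;
        // deliberately no `return true`
    }
}

contract WrapperComparison {
    // Pattern the finding describes (illustrative, not the LendingPair source):
    // a high-level call through an interface that promises a bool, then a
    // require on that bool. Since solc 0.4.22 the generated code checks
    // returndatasize() against the expected 32 bytes before decoding, so a
    // token that returns nothing makes this revert even though the transfer
    // itself already succeeded. safeTransferFrom in the same style fails the
    // same way.
    function requireBoolTransfer(address token, address to, uint256 amount) external {
        require(IERC20(token).transfer(to, amount), "transfer failed");
    }

    // Low-level call in the style of OZ SafeERC20 / Uniswap TransferHelper:
    // (1) the target must have code, because a call to an EOA "succeeds" with
    //     empty return data and would otherwise pass the checks below;
    // (2) the call itself must succeed;
    // (3) an empty return is accepted; if data is returned it must decode to true.
    function lowLevelSafeTransfer(address token, address to, uint256 amount) external {
        require(token.code.length > 0, "token is not a contract");
        (bool success, bytes memory data) = token.call(
            abi.encodeWithSelector(IERC20.transfer.selector, to, amount)
        );
        require(
            success && (data.length == 0 || abi.decode(data, (bool))),
            "safe transfer failed"
        );
    }
}
```

To reproduce: deploy NoReturnToken, deploy WrapperComparison, move some tokens to the WrapperComparison address with NoReturnToken.transfer, then call requireBoolTransfer (reverts with no useful reason, since the revert comes from the return-data size check) and lowLevelSafeTransfer (succeeds and moves the balance). The `token.code.length` check is the reason SafeERC20 routes through Address.functionCall rather than a bare `call`; dropping it turns a typo in a token address into a silent no-op transfer.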
