Code4rena, Dec 12, 2022

[NAZ-M2] Usage of send() Can Result In Revert


Lines of code
<https://github.com/prepo-io/prepo-monorepo/blob/feat/2022-12-prepo/apps/smart-contracts/core/contracts/RedeemHook.sol#L22>
<https://github.com/prepo-io/prepo-monorepo/blob/feat/2022-12-prepo/apps/smart-contracts/core/contracts/WithdrawHook.sol#L77>

Vulnerability details

Impact

send() is used across several functions to transfer ETH/WETH. send() forwards only a fixed gas stipend, a limit that was originally intended to prevent reentrancy. However, this restricts your protocol's ability to interact with other contracts that need more than that stipend to process the transaction.

Proof of Concept

These will inevitably fail when:

  1. The withdrawer smart contract does not implement a payable fallback function.
  2. The withdrawer smart contract implements a payable fallback function which uses more than 2_300 gas units.
  3. The withdrawer smart contract implements a payable fallback function which needs less than 2_300 gas units but is called through a proxy that raises the call’s gas usage above 2_300.

send() uses a fixed amount of gas, which can result in revert. <https://consensys.net/diligence/blog/2019/09/stop-using-soliditys-transfer-now/>

Tools Used

Manual Review

Recommended Mitigation Steps

Use call instead of send(). Example:

(bool succeeded, ) = _to.call{value: _amount}("");
require(succeeded, "Transfer failed.");
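To make the difference concrete, the following is an added illustration written for this note, not code from the prePO repository: a minimal withdrawal vault written both ways, plus a receiver whose fallback does a storage write. The send() version can never pay such a receiver because the 2,300-gas stipend is exhausted, while the call version forwards all gas and therefore relies on checks-effects-interactions and an explicit reentrancy guard instead of the stipend.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Added illustration; the contract names below are hypothetical.
// A receiver whose fallback does real work: one SSTORE already costs far
// more than the 2,300-gas stipend forwarded by send()/transfer.
contract LoggingReceiver {
    uint256 public received;
    receive() external payable {
        received += msg.value; // storage write > 2,300 gas, so send() to us returns false
    }
}

// Pattern the finding flags: send() with a fixed stipend.
contract VaultWithSend {
    mapping(address => uint256) public balances;
    function deposit() external payable { balances[msg.sender] += msg.value; }
    function withdraw() external {
        uint256 amount = balances[msg.sender];
        balances[msg.sender] = 0;
        // send() returns false instead of reverting. Callers that check the bool
        // (as here) can never withdraw to a contract like LoggingReceiver; callers
        // that ignore it zero the balance and strand the ETH in the vault.
        require(payable(msg.sender).send(amount), "Transfer failed.");
    }
}

// Recommended pattern: call with all gas forwarded, plus explicit reentrancy
// protection, since the stipend no longer limits what the receiver may do.
contract VaultWithCall {
    mapping(address => uint256) public balances;
    bool private locked;
    modifier nonReentrant() {
        require(!locked, "reentrant");
        locked = true;
        _;
        locked = false;
    }
    function deposit() external payable { balances[msg.sender] += msg.value; }
    function withdraw() external nonReentrant {
        uint256 amount = balances[msg.sender];
        balances[msg.sender] = 0;                        // effects before interaction
        (bool succeeded, ) = msg.sender.call{value: amount}("");
        require(succeeded, "Transfer failed.");
    }
}
```

Depositing from a LoggingReceiver instance and calling withdraw() on each vault shows the behaviour: VaultWithSend reverts with "Transfer failed.", VaultWithCall pays out and updates the receiver's counter.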
