Code4rena (code423n4) CODE423N4:2023-05-MAIA-FINDINGS-ISSUES-866
Jul 05, 2023

In VirtualAccount.sol.withdrawERC20(), the transaction reverts if the token does not support 0 value transfers


Lines of code

Vulnerability details

Impact

In VirtualAccount.sol.withdrawERC20(), the transaction reverts if the token does not support 0 value transfers when transferring tokens to the recipient address.

File: src/ulysses-omnichain/VirtualAccount.sol

    function withdrawERC20(address _token, uint256 _amount) external requiresApprovedCaller {
        _token.safeTransfer(msg.sender, _amount);
    }

The withdrawERC20() function provides the ability to withdraw ANY ERC20 token. The issue is that some tokens, such as the LEND token, revert on zero value transfers. The issue is at L-167: if the erc20Data.amount is 0, the code would revert if the ERC20 token does not support 0 value transfers.

According to <https://github.com/d-xo/weird-erc20#revert-on-zero-value-transfers>:

Some tokens (e.g. LEND) revert when transferring a zero value amount.
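
The behaviour described above can be reproduced with a small harness. This is an added example, not code from the report or from the audited project: `ZeroRevertToken`, `AccountSketch` and `Harness` are hypothetical names, the token is constructed to mimic a revert-on-zero token, and the access-control modifier and `safeTransfer` library are replaced by a plain `transfer` call.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Constructed token: mimics tokens that revert on zero-value transfers.
contract ZeroRevertToken {
    mapping(address => uint256) public balanceOf;

    constructor(address holder, uint256 supply) {
        balanceOf[holder] = supply;
    }

    function transfer(address to, uint256 amount) external returns (bool) {
        require(amount != 0, "zero-value transfer");
        balanceOf[msg.sender] -= amount;
        balanceOf[to] += amount;
        return true;
    }
}

interface IToken {
    function transfer(address to, uint256 amount) external returns (bool);
}

// Hypothetical stand-in for the account (caller check omitted, an assumption).
contract AccountSketch {
    // Same shape as the reported function: always calls the token.
    function withdrawUnguarded(address token, uint256 amount) external {
        require(IToken(token).transfer(msg.sender, amount), "transfer failed");
    }

    // Shape of the recommended mitigation: skip the call when amount is 0.
    function withdrawGuarded(address token, uint256 amount) external {
        if (amount != 0) {
            require(IToken(token).transfer(msg.sender, amount), "transfer failed");
        }
    }
}

// Records which withdrawal path reverts for a zero amount.
contract Harness {
    function check() external returns (bool unguardedReverted, bool guardedReverted) {
        AccountSketch acct = new AccountSketch();
        ZeroRevertToken token = new ZeroRevertToken(address(acct), 100);
        try acct.withdrawUnguarded(address(token), 0) {} catch { unguardedReverted = true; }
        try acct.withdrawGuarded(address(token), 0) {} catch { guardedReverted = true; }
    }
}
```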

Proof of Concept

Tools Used

Manual review

Recommended Mitigation Steps

It is recommended to check whether the amount is 0 before performing the withdrawal in the withdrawERC20() function.

File: src/ulysses-omnichain/VirtualAccount.sol

    function withdrawERC20(address _token, uint256 _amount) external requiresApprovedCaller {
+        if(_amount != 0){
        _token.safeTransfer(msg.sender, _amount);
+   }
    }
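
Review bot: With the added `if(_amount != 0)` guard, a call with `_amount == 0` now returns successfully without attempting any transfer, and nothing in the function tells the caller or a reader that this is intended. Consider stating the no-op in a comment or NatSpec line on `withdrawERC20`, or deciding explicitly whether a zero amount should be rejected instead. As a style point, the `_token.safeTransfer(msg.sender, _amount);` line should be indented one level under the new `if`, and the closing `+   }` should align with it.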

Assessed type

Token-Transfer

