Lucene search
+L

5 matches found

Code423n4
Code423n4
added 2022/10/12 12:0 a.m.6 views

User can send an excess of ETH to L1GraphTokenGateway

Lines of code Vulnerability details Impact User can send too much ether into the contract which may get stuck if there is issues with the refund process. Proof of Concept User sends too much ether to outboundTransfer. This is sent to a refund address in Arbitrum. If Arbitrum is compromised or suc...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/10/12 12:0 a.m.9 views

If L1GraphTokenGateway's outboundTransfer is called by a contract, the entire msg.value is blackholed, whether the ticket got redeemed or not.

Lines of code Vulnerability details The outboundTransfer function in L1GraphTokenGateway is used to transfer user's Graph tokens to L2. To do that it eventually calls the standard Arbitrum Inbox's createRetryableTicket. The issue is that it passes caller's address in the submissionRefundAddress a...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/10/11 12:0 a.m.13 views

UNSAFE USAGE OF ERC20 TRANSFERFROM

Lines of code Vulnerability details Impact Ignores return value from L1GraphTokenGateway.finalizeInboundTransfer and L1GraphTokenGateway.outboundTransfer Not tracking values returned by token transfer from. finalizeInboundTransfer When escrow not approve for L1GraphTokenGateway or allowance is no...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/10/11 12:0 a.m.10 views

Ignores return value from L1GraphTokenGateway.outboundTransfer

Lines of code Vulnerability details Impact Not tracking values returned by token transfer from. So from was getted from parseOutboundData, and if encoded data is wrong, this can return not expected from address. Then from will passed into transferFrom and it not approve for escrow or allowance is...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/10/08 12:0 a.m.9 views

The L1GraphTokenGateway does not work on non-standard compliant tokens like USDT

Lines of code Vulnerability details Vulnerability details The L1GraphTokenGateway function uses the standard IERC20 function for the transfer call and proceeds with a checkReturnCode function to handle non-standard compliant tokens that don't return a return value. However, this does not work as...

6.8AI score
Exploits0
Rows per page
Query Builder