2 matches found
Users may send more ETH in the passThruGate()
Lines of code Vulnerability details Impact When a user send ETH via the withdraw of MerkleIdentity, It will call IPriceGatetree.priceGateAddress.passThruGatevalue: msg.valuetree.priceIndex, msg.sender;. passThruGate checks whether msg.value = gate.ethCost holds. If a user accidentally sends more...
If A User Mistakenly Provides Too Much Ether To The passThruGate() Function, This Additional Amount Will Be Forever Locked Within The Contract
Lines of code Vulnerability details Impact The passThruGate function acts as a proxy function to the beneficiary address by attaching Ether to the call. If an excess of Ether is provided to the call, only gate.ethCost will be sent to the beneficiary. Excess Ether will be forever be locked in the...