Return values of ERC20 transfer and transferFrom are unchecked

Handle shw Vulnerability details Impact In the contract RCTreasury, the return values of ERC20 transfer and transferFrom are not checked, which could be false if the transferred token is not ERC20-compliant. In that case, the transfer fails without being noticed by the calling contract. Proof of...

Function foreclosureTimeUser returns a shorter user's foreclosure time than expected

Handle shw Vulnerability details Impact The function foreclosureTimeUser of RCTreasury underestimates the user's foreclosure time if the current time is not the user's last rent calculation time. The underestimation of the foreclosure time could cause wrong results when determining the new owner ...

Use SafeERC20/TransferHelper on RCTreasury

Handle adelamo Vulnerability details Impact Even though the uberOwner controls what ERC20 to use on RCTreasury, it is highly recommendable to use TransferHelper or SafeERC20 in order to interact safely with the ERC20. Tools Used Editor --- The text was updated successfully, but these errors were...

Unused return value from erc20.transfer()/ erc20.transferFrom()

Handle JMukesh Vulnerability details Impact It is usually good to add a require-statement that checks the return value or to use something like safeTransfer; unless one is sure the given token reverts in case of a failure Proof of Concept In RcTreasury.sol Tools Used manual review Recommended...