sherlock-audit/2024-04-teller-finance-judging

FastTiger - Locking Collateral in the Contract

Closed this issue · 0 comments

FastTiger

high

Locking Collateral in the Contract

Summary

Principal tokens that do not follow the ERC20 return-value convention can become permanently locked in the LenderCommitmentGroup_Smart contract, or leave lenders with burned shares and no principal.

Vulnerability Detail

Some ERC20 tokens do not behave as the IERC20 interface assumes when transfer() or transferFrom() fails. One group returns false instead of reverting; another, which includes BNB on mainnet, returns no value at all. The contract calls these functions through IERC20 and does not act on the result. For a false-returning token the failed transfer is silently treated as a success, so the contract's share accounting moves on while no principal has moved. For a token with no return value every call reverts, because Solidity's ABI decoder expects a bool that is never returned, so principal already held by the contract cannot be moved out. In both cases the contract's bookkeeping and its real balances diverge, and funds are lost or stuck.

Impact

A transfer that fails without reverting, or that always reverts, breaks the pool's accounting. For instance, with a token like BNB as the principal token a user redeeming poolShareToken can have the shares burned while the corresponding principal transfer never completes, so the user loses the poolShareToken and the principal stays in the contract.

Code Snippet

https://github.com/sherlock-audit/2024-04-teller-finance/blob/main/teller-protocol-v2-audit-2024/packages/contracts/contracts/LenderCommitmentForwarder/extensions/LenderCommitmentGroup/LenderCommitmentGroup_Smart.sol#L412
https://github.com/sherlock-audit/2024-04-teller-finance/blob/main/teller-protocol-v2-audit-2024/packages/contracts/contracts/LenderCommitmentForwarder/extensions/LenderCommitmentGroup/LenderCommitmentGroup_Smart.sol#L313
https://github.com/sherlock-audit/2024-04-teller-finance/blob/main/teller-protocol-v2-audit-2024/packages/contracts/contracts/LenderCommitmentForwarder/extensions/LenderCommitmentGroup/LenderCommitmentGroup_Smart.sol#L446
https://github.com/sherlock-audit/2024-04-teller-finance/blob/main/teller-protocol-v2-audit-2024/packages/contracts/contracts/LenderCommitmentForwarder/extensions/LenderCommitmentGroup/LenderCommitmentGroup_Smart.sol#L459

Tool used

Manual Review

Recommendation

Consider using OpenZeppelin's SafeERC20 safeTransfer()/safeTransferFrom() functions for every principal-token transfer. They revert when the call fails or returns false, and they also accept tokens that return no value, so both classes of non-standard token are handled.
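The two failure modes and the recommended fix, shown side by side as an added illustration. This is example code written for this report, not Teller's LenderCommitmentGroup_Smart; the token contracts, the UncheckedPool and SafePool contracts and their function names are constructed for the example, and the OpenZeppelin Contracts v5 import paths are assumed.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Example code added to this report; not Teller's contract.
// Assumes OpenZeppelin Contracts v5 at these import paths.
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";

/// @dev Constructed token that returns false on an insufficient balance instead of reverting.
contract FalseReturnToken {
    mapping(address => uint256) public balanceOf;

    constructor() { balanceOf[msg.sender] = 1_000e18; }

    function transfer(address to, uint256 amount) external returns (bool) {
        if (balanceOf[msg.sender] < amount) return false; // silent failure, no revert
        balanceOf[msg.sender] -= amount;
        balanceOf[to] += amount;
        return true;
    }
}

/// @dev Constructed token whose transfer() returns nothing, the BNB-style signature.
contract NoReturnToken {
    mapping(address => uint256) public balanceOf;

    constructor() { balanceOf[msg.sender] = 1_000e18; }

    function transfer(address to, uint256 amount) external {
        require(balanceOf[msg.sender] >= amount, "insufficient balance");
        balanceOf[msg.sender] -= amount;
        balanceOf[to] += amount;
    }
}

/// @dev Vulnerable pattern: shares are burned first, then principal is sent
///      with an IERC20 call whose return value is ignored.
///      Share accounting only; the pool is assumed to be funded with the
///      principal token directly, so no transferFrom is needed here.
contract UncheckedPool {
    IERC20 public immutable principal;
    mapping(address => uint256) public shares;

    constructor(IERC20 _principal) { principal = _principal; }

    function credit(address lender, uint256 amount) external { shares[lender] += amount; }

    function withdraw(uint256 amount) external {
        shares[msg.sender] -= amount;           // shares are gone at this point
        principal.transfer(msg.sender, amount); // FalseReturnToken: false is ignored, shares lost, no principal paid
                                                // NoReturnToken: decoding the missing bool reverts, principal stays locked
    }
}

/// @dev Hardened pattern: SafeERC20 reverts on a false return and
///      accepts empty return data from a BNB-style token.
contract SafePool {
    using SafeERC20 for IERC20;

    IERC20 public immutable principal;
    mapping(address => uint256) public shares;

    constructor(IERC20 _principal) { principal = _principal; }

    function credit(address lender, uint256 amount) external { shares[lender] += amount; }

    function withdraw(uint256 amount) external {
        shares[msg.sender] -= amount;
        principal.safeTransfer(msg.sender, amount); // reverts on false or failed call, tolerates no return value
    }
}
```

Deploying UncheckedPool against FalseReturnToken and calling withdraw() for more than the pool holds burns the caller's shares and emits no revert; against NoReturnToken every withdraw() reverts regardless of balance. SafePool reverts in the first case, so the share deduction is rolled back, and completes normally in the second. The same reasoning applies to transferFrom() on the deposit path, which is why safeTransferFrom() should be used there as well.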

Duplicate of #50