Certain functions should not be marked as payable; otherwise ETH mistakenly sent along with the function call is locked in the contract #107
Labels
bug: Something isn't working
downgraded by judge: Judge downgraded the risk level of this issue
duplicate-77
grade-a
QA (Quality Assurance): Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
Lines of code
https://github.com/code-423n4/2023-01-astaria/blob/1bfc58b42109b839528ab1c21dc9803d663df898/src/AstariaRouter.sol#L130
https://github.com/code-423n4/2023-01-astaria/blob/1bfc58b42109b839528ab1c21dc9803d663df898/src/AstariaRouter.sol#L146
https://github.com/code-423n4/2023-01-astaria/blob/1bfc58b42109b839528ab1c21dc9803d663df898/src/AstariaRouter.sol#L162
https://github.com/code-423n4/2023-01-astaria/blob/1bfc58b42109b839528ab1c21dc9803d663df898/src/AstariaRouter.sol#L178
https://github.com/code-423n4/2023-01-astaria/blob/1bfc58b42109b839528ab1c21dc9803d663df898/src/AstariaRouter.sol#L207
Vulnerability details
Impact
Certain functions should not be marked as payable; otherwise ETH mistakenly sent along with the function call is locked in the contract.
Proof of Concept
In AstariaRouter.sol, deposit, mint, withdraw and redeem are marked payable.
The function pullToken is also marked payable.
These functions only perform ERC20 token operations and are not designed to receive ETH.
Because the router has no path to send ETH back out, any ETH mistakenly sent along with one of these calls is locked in AstariaRouter.sol.
Tools Used
Manual Review
Recommended Mitigation Steps
We recommend the protocol remove the payable keyword from the above-mentioned functions.
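The following Foundry test is an added illustration of the finding and its fix, not Astaria's code: `PayableRouter`, `NonPayableRouter`, `StubToken` and the test names are hypothetical, and the token stub is constructed so the test runs without a real ERC20. It shows ETH stranded behind a `payable` ERC20-only function, and the same call reverting once `payable` is removed.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;
import "forge-std/Test.sol";

// Added illustration with hypothetical names; none of this is Astaria code.
interface IERC20 {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

// Constructed stub so the test needs no real ERC20: every transfer "succeeds".
contract StubToken is IERC20 {
    function transferFrom(address, address, uint256) external pure returns (bool) { return true; }
}

// Vulnerable pattern: `payable` on a function that only moves ERC20 tokens; msg.value is never read.
contract PayableRouter {
    function deposit(IERC20 token, uint256 amount) external payable {
        require(token.transferFrom(msg.sender, address(this), amount), "transfer failed");
    }
}

// Hardened pattern: without `payable` the compiler rejects any call carrying msg.value != 0.
contract NonPayableRouter {
    function deposit(IERC20 token, uint256 amount) external {
        require(token.transferFrom(msg.sender, address(this), amount), "transfer failed");
    }
}

contract PayableLockTest is Test {
    StubToken token = new StubToken();
    PayableRouter bad = new PayableRouter();
    NonPayableRouter good = new NonPayableRouter();

    function setUp() public {
        vm.deal(address(this), 2 ether); // fund the caller for the value-carrying calls
    }

    function testEthIsLockedInPayableRouter() public {
        bad.deposit{value: 1 ether}(token, 100);
        assertEq(address(bad).balance, 1 ether); // stuck: no function can send it back out
    }

    function testNonPayableRouterRefusesEth() public {
        // {value: ...} on a non-payable function is a compile error, so use a raw call
        (bool ok, ) = address(good).call{value: 1 ether}(abi.encodeCall(good.deposit, (token, uint256(100))));
        assertFalse(ok); // the mistaken ETH transfer is refused instead of stranded
        good.deposit(token, 100); // the plain call still works
    }
}
```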