When the ETH interaction fails, the event will also be triggered normally #4
Labels
3 (High Risk): Assets can be stolen/lost/compromised directly
bug: Something isn't working
duplicate-17
edited-by-warden
🤖_primary: AI based primary recommendation
🤖_03_group: AI based duplicate group recommendation
satisfactory: satisfies C4 submission criteria; eligible for awards
sufficient quality report: This report is of sufficient quality
Lines of code
[1] https://github.com/code-423n4/2024-06-thorchain/blob/e3fd3c75ff994dce50d6eb66eb290d467bd494f5/chain/ethereum/contracts/THORChain_Router.sol#L195
[2] https://github.com/code-423n4/2024-06-thorchain/blob/e3fd3c75ff994dce50d6eb66eb290d467bd494f5/chain/ethereum/contracts/THORChain_Router.sol#L212
[3] https://github.com/code-423n4/2024-06-thorchain/blob/e3fd3c75ff994dce50d6eb66eb290d467bd494f5/chain/ethereum/contracts/THORChain_Router.sol#L277
[4] https://github.com/code-423n4/2024-06-thorchain/blob/e3fd3c75ff994dce50d6eb66eb290d467bd494f5/chain/ethereum/contracts/THORChain_Router.sol#L323
Vulnerability details
Impact
For some failed interaction operations, the contract refunds the ETH, but the related events are still emitted and captured normally, as if the interaction had succeeded, which may lead to an inconsistent state.
Proof of Concept
The linked code locations are specific instances of the problem.
One point needs to be stated up front:
in these instances, the events related to transferOut can be processed normally, because handling for that case has already been implemented.
The events related to transferOutAndCall cannot, since there is no rule for handling the situation where the transfer fails but the event is emitted anyway.
See the four code references listed under Lines of code above ([1] through [4]).
Tools Used
Manual review
Recommended Mitigation Steps
When the interaction fails and the ETH or ERC20 is refunded, return from the function directly instead of continuing on to emit the event.
Here is an example.
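The following is an added illustration of the weak pattern beside the recommended one; it is a hypothetical minimal router written for this note, not code from THORChain_Router.sol, and the names (vault as msg.sender, target, TransferOutAndCall) are assumptions standing in for the real ones.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Hypothetical router used only to illustrate the finding; not THORChain_Router.sol.
contract RouterExample {
    // Assumed event shape; the real router's event carries different fields.
    event TransferOutAndCall(address indexed vault, address target, uint256 amount, string memo);

    // Weak pattern: the ETH is refunded when the call fails, yet execution falls
    // through to the emit, so an observer sees a "completed" transferOutAndCall
    // for a transfer that never happened.
    function transferOutAndCallWeak(address payable target, string calldata memo) external payable {
        (bool ok, ) = target.call{value: msg.value}("");
        if (!ok) {
            // refund the vault (msg.sender) and keep going
            payable(msg.sender).transfer(msg.value);
        }
        emit TransferOutAndCall(msg.sender, target, msg.value, memo);
    }

    // Recommended pattern: refund, then return before the success event.
    function transferOutAndCallFixed(address payable target, string calldata memo) external payable {
        (bool ok, ) = target.call{value: msg.value}("");
        if (!ok) {
            payable(msg.sender).transfer(msg.value);
            return; // nothing succeeded, so no success event is emitted
        }
        emit TransferOutAndCall(msg.sender, target, msg.value, memo);
    }
}
```

If off-chain components need to notice the refund as well, a distinct failure event can be emitted in the `!ok` branch instead of a bare return, so that a refunded call is never indistinguishable from a successful one.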
Assessed type
Error