Category: Business Logic
The protocol fee hook will always be reverted
High Severity
High Impact
High Likelihood
Description
The protocol fee hook is the hook that collects the protocol fee from the sender of the message. Specifically, the function post_dispatch
transfers the protocol fee from the caller address to itself:
fn _post_dispatch(ref self: ContractState, _metadata: Bytes, _message: Message) {
let token_dispatcher = IERC20Dispatcher { contract_address: self.fee_token.read() };
let caller_address = get_caller_address();
let contract_address = get_contract_address();
let user_balance = token_dispatcher.balance_of(caller_address);
assert(user_balance != 0, Errors::INSUFFICIENT_BALANCE);
let protocol_fee = self.protocol_fee.read();
assert(
token_dispatcher.allowance(caller_address, contract_address) >= protocol_fee,
Errors::INSUFFICIENT_ALLOWANCE
);
token_dispatcher.transfer_from(caller_address, contract_address, protocol_fee);
}
However, it should be noted that the caller of the function post_dispatch
is the Mailbox contract, which is not intended to pay the fee, causing the fee collection to fail.
Impact
The protocol fee hook will be reverted always, which may cause a failure in the dispatching of a message.
Recommendations
Consider changing the logic of the fee collection, considering the exact flow of the fee.
Remediation
This issue has been acknowledged by Pragma, and a fix was implemented in commit e6388f31↗.