Assessment reports>Nukem Loans>Discussion>SaferERC20 additional checks

SaferERC20 additional checks

The SaferERC20 contract handles sending both ERC-20 and native tokens. It does that through an if-else statement, where it checks if the token that is being sent is the native token, and if so, it checks that the value sent is enough.

However, it does not check that msg.value is zero in case the token is not the native token. This means that if a user intends to perform an operation where they are using a non-native token and by mistake send some native tokens (i.e., msg.value > 0), the operation will still be performed and the native tokens will be lost.

An example is the safeTransferToSelf function:

function safeTransferToSelf(IERC20 token, uint256 value) internal returns (uint256) {
    if(address(token) == address(0xFFfFfFffFFfffFFfFFfFFFFFffFFFffffFfFFFfF)) {
        require(msg.value >= value, "insuff.eth");
        uint256 dust = msg.value - value;
        if(dust > 0) {
            payable(msg.sender).transfer(dust);
        }
        return value;
    }
    else {
+       require(msg.value == 0, "SaferERC20: cannot transfer value with ether");
        require(token.allowance(msg.sender, address(this)) >= value, "insuff.approval");
        return safeTransferFromWithAmount(token, msg.sender, address(this), value);
    }
}

Similarly, all the other functions that handle sending tokens should check that msg.value is zero in case the token is not the native token.

Zellic © 2024Back to top ↑