Assessment reportsPublic findings
Back to Zellic siteBack
Assessment reports>Pinocchio and p-token>Discussion>The withdraw_excess_lamports function does not prevent self-transfers
GeneralOverview
Findings
Critical (1)
High (3)
Medium (1)
Low (3)
Informational (1)
DiscussionNew off-chain implementation of impl_sysvar_get may return different ProgramErrorMissing unsafe in validate_owner functionMissing mut in Pinocchio testsAccounting error in batched instructionsUsage of magic numbers in various locationsThe invoke_signed function now enforces account orderLess robust Pubkey definitionStatically compute max_digits in log macroMessage difference in process_initialize_immutable_ownerThe withdraw_excess_lamports function does not prevent self-transfersThe Default trait implementation for Rent sysvar differs from solana-program
Audit ResultsAssessment Results

The withdraw_excess_lamports function does not prevent self-transfers

In the process_transfer function, which is responsible for transferring tokens from one account to another, there is a self-transfer check. This check compares the source and destination account to see if they are the same account, which would be a self-transfer that will be treated differently to a regular transfer.

Another function that has the ability to move tokens is the withdraw_excess_lamports function. This function is missing a check to see if the source and destination account are matching, thus allowing self-transfers. If these self-transfers are undesirable, a similar check to the process_transfer one can be added to the withdraw_excess_lamports function.

Zellic © 2025Back to top ↑