Possible DoS in PA1D contract if a payout receiver is a contract whose receive or fallback uses more than 2300 gas #182
Labels
bug: Something isn't working
duplicate: This issue or pull request already exists
QA (Quality Assurance): Assets are not at risk. State handling, function incorrect as to spec, issues with clarity, syntax
Lines of code
https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/enforcer/PA1D.sol#L382-L399
Vulnerability details
Impact
The PA1D._payoutEth function is used to pay fees to the fee receivers. It takes an array of receivers and sends the payment to each of them in turn, using the transfer method. transfer forwards only 2300 gas to the receiver, so if a receiver contract needs more than 2300 gas to accept the payout, that transfer reverts, the whole function reverts, and none of the fee receivers receives anything.
Proof of Concept
https://github.com/code-423n4/2022-10-holograph/blob/main/contracts/enforcer/PA1D.sol#L382-L399
Tools Used
VsCode
Recommended Mitigation Steps
Use the call method instead or, better, allow receivers to claim fees for themselves.
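Added illustration (constructed here, not the Holograph PA1D source): a push-style payout loop that mirrors the pattern the issue describes, next to a pull-style allocate/claim alternative implementing the recommended mitigation. Contract, function and state-variable names are hypothetical.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Constructed example, not the Holograph PA1D code: fee receivers with
// basis-point shares, paid either by push (transfer loop) or by pull (claim).
contract FeePayoutExample {
    address[] public receivers;
    uint256[] public bps;                     // share per receiver in basis points, sums to 10_000
    mapping(address => uint256) public claimable;
    uint256 public reserved;                  // ETH allocated to receivers but not yet claimed

    constructor(address[] memory _receivers, uint256[] memory _bps) {
        require(_receivers.length == _bps.length, "length mismatch");
        receivers = _receivers;
        bps = _bps;
    }

    receive() external payable {}
    // Push pattern as described in the issue: transfer() forwards only 2300 gas.
    // If any receiver's receive()/fallback() needs more than that, its transfer
    // reverts, the loop reverts, and nobody is paid.
    function payoutEthPush() external {
        uint256 balance = address(this).balance;
        for (uint256 i = 0; i < receivers.length; i++) {
            payable(receivers[i]).transfer((balance * bps[i]) / 10_000);
        }
    }

    // Pull pattern, step 1: bookkeeping only, so no external call can revert it.
    function allocateEth() external {
        uint256 distributable = address(this).balance - reserved;
        for (uint256 i = 0; i < receivers.length; i++) {
            uint256 share = (distributable * bps[i]) / 10_000;
            claimable[receivers[i]] += share;
            reserved += share;
        }
    }

    // Pull pattern, step 2: each receiver withdraws its own share. A receiver that
    // cannot accept ETH blocks only itself; state is zeroed before the external call.
    function claim() external {
        uint256 amount = claimable[msg.sender];
        require(amount > 0, "nothing to claim");
        claimable[msg.sender] = 0;
        reserved -= amount;
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "ETH send failed");
    }
}
```

Replacing transfer with call inside the push loop also lifts the 2300 gas cap, but a reverting receiver still halts the loop unless its failure is ignored, and forwarding all gas to untrusted receivers reopens reentrancy, so the pull pattern is the safer fix.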