Last updated
Was this helpful?
Submitted on Feb 27th 2024 at 14:20:17 UTC by @Kenzo for
Report ID: #28792
Report type: Smart Contract
Report severity: Low
Target: https://etherscan.io/address/0x3C28B7c7Ba1A1f55c9Ce66b263B33B204f2126eA#code
Impacts:
Contract fails to deliver promised returns, but doesn't lose value
Return value of low level isn't checked, execution will resume even if the called contract throws an exception.
The function executeTransaction in the TimeLock contract is used to Executes a transaction after the delay period for Operations Multisig and Community multisig which can execute transactions without any delay. The problem occuring in the low level call made to target in _executeTransaction function. With a low level call we must verify the return value whether is false or true. Otherwise a false entry of transaction may register.
Severity: Low
Similar Incident: https://www.kingoftheether.com/postmortem.html?source=post_page-----fe794a7cdb6f--------------------------------
Check the bool returned by the .call function call and revert if it is false.
Execution will resume even if the called contract throws an exception. If the call fails accidentally or an attacker forces the call to fail, this may cause unexpected behavior in the subsequent program logic.
Affected Code:
