@hyperlane-xyz/core

[ { "elements": [ { "type": "function", "name": "peel", "source_mapping": { "start": 1695, "length": 824, "filename_relative": "contracts/periphery/TransferOnion.sol", "filename_short": "contracts/periphery/TransferOnion.sol", "is_dependency": false, "lines": [ 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87 ], "starting_column": 5, "ending_column": 6 }, "type_specific_fields": { "parent": { "type": "contract", "name": "TransferOnion", "source_mapping": { "start": 636, "length": 1885, "filename_relative": "contracts/periphery/TransferOnion.sol", "filename_short": "contracts/periphery/TransferOnion.sol", "is_dependency": false, "lines": [ 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88 ], "starting_column": 1, "ending_column": 2 } }, "signature": "peel(TransferOnion.Layer[])" } }, { "type": "node", "name": "TOKEN.safeTransferFrom(SENDER,layer.recipient,layer.amount)", "source_mapping": { "start": 2300, "length": 61, "filename_relative": "contracts/periphery/TransferOnion.sol", "filename_short": "contracts/periphery/TransferOnion.sol", "is_dependency": false, "lines": [ 78 ], "starting_column": 13, "ending_column": 74 }, "type_specific_fields": { "parent": { "type": "function", "name": "peel", "source_mapping": { "start": 1695, "length": 824, "filename_relative": "contracts/periphery/TransferOnion.sol", "filename_short": "contracts/periphery/TransferOnion.sol", "is_dependency": false, "lines": [ 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87 ], "starting_column": 5, "ending_column": 6 }, "type_specific_fields": { "parent": { "type": "contract", "name": "TransferOnion", "source_mapping": { "start": 636, "length": 1885, "filename_relative": "contracts/periphery/TransferOnion.sol", "filename_short": "contracts/periphery/TransferOnion.sol", "is_dependency": false, "lines": [ 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67, 68, 69, 70, 71, 72, 73, 74, 75, 76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88 ], "starting_column": 1, "ending_column": 2 } }, "signature": "peel(TransferOnion.Layer[])" } } } } ], "description": "TransferOnion.peel(TransferOnion.Layer[]) (contracts/periphery/TransferOnion.sol#62-87) uses arbitrary from in transferFrom: TOKEN.safeTransferFrom(SENDER,layer.recipient,layer.amount) (contracts/periphery/TransferOnion.sol#78)\n", "markdown": "[TransferOnion.peel(TransferOnion.Layer[])](contracts/periphery/TransferOnion.sol#L62-L87) uses arbitrary from in transferFrom: [TOKEN.safeTransferFrom(SENDER,layer.recipient,layer.amount)](contracts/periphery/TransferOnion.sol#L78)\n", "first_markdown_element": "contracts/periphery/TransferOnion.sol#L62-L87", "id": "e4e68870e9d2f8a7caf9d32b8d2b1f57af2bdef51f45724b1b49397f117c3ffe", "check": "arbitrary-send-erc20", "impact": "High", "confidence": "High" }, { "elements": [ { "type": "function", "name": "donate", "source_mapping": { "start": 710, "length": 92, "filename_relative": "contracts/deployment/PortalSender.sol", "filename_short": "contracts/deployment/PortalSender.sol", "is_dependency": false, "lines": [ 27, 28, 29 ], "starting_column": 5, "ending_column": 6 }, "type_specific_fields": { "parent": { "type": "contract", "name": "PortalSender", "source_mapping": { "start": 328, "length": 476, "filename_relative": "contracts/deployment/PortalSender.sol", "filename_short": "contracts/deployment/PortalSender.sol", "is_dependency": false, "lines": [ 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30 ], "starting_column": 1, "ending_column": 2 } }, "signature": "donate()" } }, { "type": "node", "name": "PORTAL.donateETH{value: address(this).balance}()", "source_mapping": { "start": 745, "length": 50, "filename_relative": "contracts/deployment/PortalSender.sol", "filename_short": "contracts/deployment/PortalSender.sol", "is_dependency": false, "lines": [ 28 ], "starting_column": 9, "ending_column": 59 }, "type_specific_fields": { "parent": { "type": "function", "name": "donate", "source_mapping": { "start": 710, "length": 92, "filename_relative": "contracts/deployment/PortalSender.sol", "filename_short": "contracts/deployment/PortalSender.sol", "is_dependency": false, "lines": [ 27, 28, 29 ], "starting_column": 5, "ending_column": 6 }, "type_specific_fields": { "parent": { "type": "contract", "name": "PortalSender", "source_mapping": { "start": 328, "length": 476, "filename_relative": "contracts/deployment/PortalSender.sol", "filename_short": "contracts/deployment/PortalSender.sol", "is_dependency": false, "lines": [ 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30 ], "starting_column": 1, "ending_column": 2 } }, "signature": "donate()" } } } } ], "description": "PortalSender.donate() (contracts/deployment/PortalSender.sol#27-29) sends eth to arbitrary user\n\tDangerous calls:\n\t- PORTAL.donateETH{value: address(this).balance}() (contracts/deployment/PortalSender.sol#28)\n", "markdown": "[PortalSender.donate()](contracts/deployment/PortalSender.sol#L27-L29) sends eth to arbitrary user\n\tDangerous calls:\n\t- [PORTAL.donateETH{value: address(this).balance}()](contracts/deployment/PortalSender.sol#L28)\n", "first_markdown_element": "contracts/deployment/PortalSender.sol#L27-L29", "id": "57ff538ce533c88f5852cca299915d9dd842bfaa1a5c7d1a6d7c44f1a88d0e3c", "check": "arbitrary-send-eth", "impact": "High", "confidence": "Medium" } ]