Description
Smart contract can transfer cryptocurrency indicated by a uint256 value, which frontier only use the last 128bits as the actual amount. see https://github.com/ParaState/frontier/blob/9524d91ce301afda80c0686ca87bd33a8c63d106/frame/vm/src/runner/stack.rs#L1006
The attacker can withdraw 1<<128 + 1 WETH token from the WETH but pay 1 wei Ether.
Description
Smart contract can transfer cryptocurrency indicated by a uint256 value, which frontier only use the last 128bits as the actual amount. see
https://github.com/ParaState/frontier/blob/9524d91ce301afda80c0686ca87bd33a8c63d106/frame/vm/src/runner/stack.rs#L1006The attacker can withdraw 1<<128 + 1 WETH token from the WETH but pay 1 wei Ether.