Odd Licorice Lobster

Medium

withdrawETH function always reverts on Arbitrum

Summary

The withdrawETH function converts aWETH tokens back into ETH and transfers it to the specified recipient.

Root Cause

The token transfer is done using the transferFrom method. This works fine on most chains (Ethereum, Optimism, Polygon) which use the standard WETH9 contract that handles the case src == msg.sender:

if (src != msg.sender && allowance[src][msg.sender] != uint(-1)) {
    require(allowance[src][msg.sender] >= wad);
    allowance[src][msg.sender] -= wad;
}

The problem is that the WETH implementation on Arbitrum uses a different contract that does not have this src == msg.sender handling, so the allowance check also applies when the caller transfers from its own balance.

Internal Pre-conditions

No response

External Pre-conditions

No response

Attack Path

No response

Impact

The withdrawETH function will revert on Arbitrum.

PoC

No response

Mitigation

Use transfer instead of transferFrom.
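
The difference described under Root Cause and the effect of the mitigation, as an added example that is not code from the audited project or from either WETH deployment. All contract and function names (TokenBase, Weth9Like, StrictAllowanceToken, Holder) are hypothetical, and StrictAllowanceToken is an assumed model of a token whose transferFrom has no src == msg.sender shortcut.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;
// Added illustration: every contract and function name here is hypothetical.
abstract contract TokenBase {
    mapping(address => uint256) public balanceOf;
    mapping(address => mapping(address => uint256)) public allowance;
    // Unrestricted mint, for test setup only.
    function mint(address to, uint256 wad) external { balanceOf[to] += wad; }
    function transfer(address dst, uint256 wad) external returns (bool) {
        _move(msg.sender, dst, wad);
        return true;
    }
    function transferFrom(address src, address dst, uint256 wad) external virtual returns (bool);
    function _move(address src, address dst, uint256 wad) internal {
        require(balanceOf[src] >= wad, "balance");
        balanceOf[src] -= wad;
        balanceOf[dst] += wad;
    }
}

// WETH9 style: the allowance check is skipped when src == msg.sender.
contract Weth9Like is TokenBase {
    function transferFrom(address src, address dst, uint256 wad) external override returns (bool) {
        if (src != msg.sender && allowance[src][msg.sender] != type(uint256).max) {
            require(allowance[src][msg.sender] >= wad, "allowance");
            allowance[src][msg.sender] -= wad;
        }
        _move(src, dst, wad);
        return true;
    }
}

// Strict style: allowance is always required and consumed, even for src == msg.sender.
contract StrictAllowanceToken is TokenBase {
    function transferFrom(address src, address dst, uint256 wad) external override returns (bool) {
        require(allowance[src][msg.sender] >= wad, "allowance");
        allowance[src][msg.sender] -= wad;
        _move(src, dst, wad);
        return true;
    }
}

// Stand-in for a contract that pays out tokens it holds itself.
contract Holder {
    // Succeeds on Weth9Like; reverts with "allowance" on StrictAllowanceToken,
    // because Holder never approved itself.
    function viaTransferFrom(TokenBase t, address to, uint256 wad) external { t.transferFrom(address(this), to, wad); }
    // Succeeds on both tokens: transfer never consults the allowance mapping.
    function viaTransfer(TokenBase t, address to, uint256 wad) external { t.transfer(to, wad); }
}
```

Deploying both tokens, minting a balance to a Holder instance, and calling each Holder function against each token reproduces the revert on the strict token only for viaTransferFrom.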