15,000 USDC
Submission Details
Severity: high

Reentrancy in DSCEngine.sol

Summary : The functions "depositCollateralAndMintDsc", "liquidate" and "redeemCollateralForDsc" in the smart contract DSCEngine have a vulnerability related to reentrancy.

Vulnerability Details :

The function "depositCollateralAndMintDsc" has a reentrancy vulnerability because it makes external calls to the functions "depositCollateral" and "mintDsc" before updating certain state variables.

Reentrancy in function: "redeemCollateralForDsc"(address,uint256,uint256) (src/DSCEngine.sol#169-175):
In "redeemCollateralForDsc", this vulnerability is caused by the function making external calls to the "burnDsc" and "redeemCollateral" functions. After these calls, certain state variables are modified, which creates an opportunity for reentrant manipulation.

Impact : It allows an attacker to repeatedly withdraw funds or perform actions they are not supposed to do. This vulnerability can lead to unauthorized access to funds or the contract's functionality.

Tools Used : Slither tool

Recommendations : Thoroughly test with different use cases and scenarios.
