Submission Details
Severity: low

Reentrancy Vulnerability

Summary

Vulnerability Details

The redeemCollateralForDsc function calls two external functions: _burnDsc and _redeemCollateral. These functions make external calls to other contracts using the transferFrom and transfer functions. If one of these external contracts were to call a function in the DSCEngine contract before the original call to _burnDsc or _redeemCollateral has completed, it could potentially lead to a reentrancy attack.

Impact

In the redeemCollateralForDsc function, a reentrancy attack could affect the state of variables in the DSCEngine contract. For example, the _burnDsc function updates the s_DSCMinted mapping, and the _redeemCollateral function updates the s_collateralDeposited mapping. A reentrant call could result in these variables being updated in an unexpected or incorrect manner.

Tools Used

Slither and manual review.

Recommendations

Use a non-reentrant guard on the redeemCollateralForDsc function.
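
One way to apply this recommendation, as an added example that is not the DSCEngine source or the submitter's code. The contract name GuardedEngineExample, the IERC20Like interface, the custom errors and the hand-written guard are assumptions; the example uses a single collateral token and omits minting, price feeds and the health-factor check.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;

// Hypothetical minimal interface: only the two calls the finding mentions.
interface IERC20Like {
    function transfer(address to, uint256 amount) external returns (bool);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

// Hypothetical stand-in for DSCEngine, reduced to the two mappings from the report.
contract GuardedEngineExample {
    error ReentrantCall();
    error TransferFailed();

    uint256 private constant NOT_ENTERED = 1;
    uint256 private constant ENTERED = 2;
    uint256 private s_status = NOT_ENTERED;

    IERC20Like private immutable i_dsc;
    IERC20Like private immutable i_collateral;
    mapping(address => uint256) private s_DSCMinted;
    mapping(address => uint256) private s_collateralDeposited;

    constructor(address dsc, address collateral) {
        i_dsc = IERC20Like(dsc);
        i_collateral = IERC20Like(collateral);
    }

    // Reverts if any guarded function is entered while another is still executing.
    modifier nonReentrant() {
        if (s_status == ENTERED) revert ReentrantCall();
        s_status = ENTERED;
        _;
        s_status = NOT_ENTERED;
    }

    // Guarded as well: the lock only helps if every entry point touching shared state takes it.
    function depositCollateral(uint256 amount) external nonReentrant {
        s_collateralDeposited[msg.sender] += amount;
        if (!i_collateral.transferFrom(msg.sender, address(this), amount)) revert TransferFailed();
    }

    function redeemCollateralForDsc(uint256 collateralAmount, uint256 dscAmount) external nonReentrant {
        // Effects first: both mappings are final before any token contract runs code.
        s_DSCMinted[msg.sender] -= dscAmount; // checked arithmetic reverts on underflow
        s_collateralDeposited[msg.sender] -= collateralAmount;
        // Interactions last: a callback from either token hits ReentrantCall().
        if (!i_dsc.transferFrom(msg.sender, address(this), dscAmount)) revert TransferFailed();
        if (!i_collateral.transfer(msg.sender, collateralAmount)) revert TransferFailed();
    }
}
```

The guard and the checks-effects-interactions ordering are complementary: the ordering keeps state consistent even if a call does reenter through an unguarded path, and the guard rejects reentry into guarded functions outright.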
