The _distribute function in the ProxyFactory contract executes a delegate call to a proxy contract. However, the contract lacks protection against reentrancy attacks, potentially allowing malicious actors to exploit vulnerabilities.
In the absence of reentrancy protection, malicious parties could repeatedly call the _distribute function and perform unauthorized actions, potentially compromising the contract's integrity.
Deploy the ProxyFactory contract.
Deploy a proxy contract with logic that includes an external call.
Use the deployProxyAndDistribute function to trigger the proxy contract's logic that makes an external call.
Malicious reentrant behavior is possible due to the absence of reentrancy protection.
Implement reentrancy protection mechanisms such as the nonReentrant modifier or follow established patterns like the
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.