Beginner Friendly, Foundry, NFT
Submission Details
Severity: high
Invalid

use transfer instead of sendValue, potential reentrancy attacks

Summary

Use the built-in transfer method for secure and safe Ether transfers in Solidity, as it automatically reverts the transaction in case of failure, preventing unintended loss of funds and enhancing contract security.

Vulnerability Details

The use of the sendValue method for Ether transfers can potentially expose the contract to security vulnerabilities due to its lack of automatic transaction reversal on failure, making it susceptible to reentrancy attacks and unintentional fund loss; using the secure transfer method is recommended.

Impact

The vulnerability could lead to reentrancy attacks, fund losses, and overall security risks, highlighting the importance of replacing sendValue with the more secure transfer method for Ether transfers in the contract.

Tools Used

  • Foundry and manual review

Recommendations

"Using transfer instead of sendValue is a security best practice, as it automatically reverts the transaction in case of failure, preventing potential Ether loss due to errors in the recipient contract, thus enhancing contract security."

-payable(msg.sender).sendValue(entranceFee);
+payable(msg.sender).transfer(entranceFee);
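
Review bot: On the `+` line, switching to `transfer` does not address the reentrancy concern in the title, and it may not change the failure behaviour either. `sendValue` is not a built-in member of `address payable`, so the removed line depends on a library attached with `using ... for`; if that library is OpenZeppelin's `Address` (an assumption, since the import is not shown in this hunk), `sendValue` already reverts when the send fails. `transfer` forwards only a 2300 gas stipend, so a refund to a `msg.sender` that is a contract with a non-trivial receive function would revert. Suggest keeping `sendValue` and, if reentrancy is the worry, confirming that the contract's state is updated before this line runs or adding a reentrancy guard to the enclosing function.
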
Updates

Lead Judging Commences

Hamiltonite Lead Judge about 2 years ago
Submission Judgement Published
Invalidated
Reason: Other
0xtheblackpanther Submitter
about 2 years ago
patrickalphac Lead Judge
about 2 years ago
patrickalphac Lead Judge
about 2 years ago
