Submission Details
Severity: high
Invalid

Summary

The contract contains a reentrancy vulnerability in the _sendEth function, which could allow an attacker to drain the contract's balance during reward distribution. Because ETH is sent with a low-level call, an attacker could deploy a malicious contract that reenters _sendEth from its receive path, potentially causing unexpected behavior and financial loss.

Vulnerability Details

// sends eth using low-level call as we don't care about returned data
function _sendEth(address dest, uint256 amount) private {
    // Vulnerability: Reentrancy vulnerability during external calls
    bool sendStatus;
    assembly {
        sendStatus := call(gas(), dest, amount, 0, 0, 0, 0)
    }
    require(sendStatus, "DP: failed to send eth");
}

a malicious contract that repeatedly calls the _sendEth function, initiating reentrancy and potentially draining the contract's balance.

Tools Used

Remix IDE for smart contract deployment and testing.

Recommendations

Mitigate the reentrancy vulnerability using the checks-effects-interactions pattern. Move the state-changing operations to the end of the function and ensure that external calls are made after all internal state changes. Below is an example modification to the _sendEth function:

// Updated _sendEth function with checks-effects-interactions pattern
function _sendEth(address dest, uint256 amount) private {
    // Checks: Ensure the contract has sufficient balance
    require(address(this).balance >= amount, "Insufficient contract balance");
    // Effects: Update contract state before the external call
    // ...
    // Interactions: External call made after all internal state changes
    bool sendStatus;
    assembly {
        sendStatus := call(gas(), dest, amount, 0, 0, 0, 0)
    }
    require(sendStatus, "DP: failed to send eth");
}
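The snippet above leaves the "Effects" step as a placeholder, and the low-level call by itself is neither the bug nor the fix: what matters is that every balance update lands before the call and that nested entry is rejected. The following is an added example, not code from the audited contract or from the report author; the contract name, the pendingRewards mapping and the credit function are assumptions made to show a complete claim path.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added example (not the audited contract): a minimal reward payout that
/// applies checks-effects-interactions and a mutex around the low-level call.
/// The contract name and the pendingRewards mapping are assumptions.
contract SafeRewardPayout {
    mapping(address => uint256) public pendingRewards;
    bool private locked; // simple reentrancy mutex

    modifier nonReentrant() {
        require(!locked, "DP: reentrant call");
        locked = true;
        _;
        locked = false;
    }

    // Rewards credited to a user (constructed for the example).
    function credit(address user) external payable {
        pendingRewards[user] += msg.value;
    }

    // Checks: caller must have something to claim and the contract must hold it.
    // Effects: zero the balance BEFORE the external call, so a callee that
    //          re-enters claim() finds nothing left to withdraw.
    // Interactions: the low-level call is the last step.
    function claim() external nonReentrant {
        uint256 amount = pendingRewards[msg.sender];
        require(amount > 0, "DP: nothing to claim");
        require(address(this).balance >= amount, "Insufficient contract balance");
        pendingRewards[msg.sender] = 0;
        _sendEth(msg.sender, amount);
    }

    // Same low-level call as in the report; safe here because every state
    // change precedes it and the mutex rejects nested entry.
    function _sendEth(address dest, uint256 amount) private {
        bool sendStatus;
        assembly {
            sendStatus := call(gas(), dest, amount, 0, 0, 0, 0)
        }
        require(sendStatus, "DP: failed to send eth");
    }
}
```

A Foundry test that calls claim() from a contract whose receive() calls claim() again should revert with "DP: reentrant call" (or, without the mutex, "DP: nothing to claim"), which is the check to add when verifying a fix of this kind.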

Updates

Lead Judging Commences

0xnevi Lead Judge
over 1 year ago
Submission Judgement Published
Invalidated
Reason: Other
