stake.link

DeFi, Hardhat, Bridge
27,500 USDC
Submission Details
Severity: medium
Invalid

Lack of Reentrancy Protection in `onTokenTransfer` Function in SDLPoolPrimary.sol

Impact

The onTokenTransfer function carries no reentrancy guard (such as a nonReentrant modifier). If the branch that runs after the token check hands control to another contract before this function's own state changes are complete, that contract could call back into the pool while its bookkeeping is still in flight. Whether such a path is reachable depends on whether distributeToken or the lock-storing helpers make external calls, which the snippet below does not show.

Proof of Concept

```solidity
// In SDLPoolPrimary.sol
function onTokenTransfer(
    address _sender,
    uint256 _value,
    bytes calldata _calldata
) external override {
    if (msg.sender != address(sdlToken) && !isTokenSupported(msg.sender)) revert UnauthorizedToken();

    // ... (existing code)

    if (msg.sender == address(sdlToken)) {
        (uint256 lockId, uint64 lockingDuration) = abi.decode(_calldata, (uint256, uint64));
        if (lockId != 0) {
            _storeUpdatedLock(_sender, lockId, _value, lockingDuration);
        } else {
            _storeNewLock(_sender, _value, lockingDuration);
        }
    } else {
        distributeToken(msg.sender);
    }
}
```

Recommended Mitigation Steps

Follow the checks-effects-interactions pattern: validate inputs first, write every state change next, and make any external call only once the contract's own state is final, so a callback that re-enters sees consistent storage. Where the function cannot avoid calling out before its bookkeeping is complete, add a reentrancy guard (for example OpenZeppelin's nonReentrant modifier) as well.

```solidity
// In SDLPoolPrimary.sol
function onTokenTransfer(
    address _sender,
    uint256 _value,
    bytes calldata _calldata
) external override {
    // Checks: only the SDL token or a supported reward token may call in
    if (msg.sender != address(sdlToken) && !isTokenSupported(msg.sender)) revert UnauthorizedToken();

    // ... (existing code)

    if (msg.sender == address(sdlToken)) {
        (uint256 lockId, uint64 lockingDuration) = abi.decode(_calldata, (uint256, uint64));
        // Effects: record the lock before anything that could hand control to another contract
        if (lockId != 0) {
            _storeUpdatedLock(_sender, lockId, _value, lockingDuration);
        } else {
            _storeNewLock(_sender, _value, lockingDuration);
        }
    } else {
        // Interaction: keep this as the last action the function performs
        distributeToken(msg.sender);
    }
}
```
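The ordering the mitigation relies on is easier to see with a stripped-down pool than with the elided snippet above. The Solidity below is an added example written for this page and is not code from the stake.link repository: the ILockListener hook, the lock bookkeeping and the ReenteringListener contract are assumptions chosen so the failure mode is observable. VulnerablePool notifies a listener before writing its lock; HardenedPool applies checks-effects-interactions and a nonReentrant guard.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example for this submission, not code from the stake.link repository.
// The lock bookkeeping, the ILockListener hook and the attacker contract are
// assumptions chosen to make the ordering problem observable.

interface IERC677 {
    function transferAndCall(address to, uint256 value, bytes calldata data) external returns (bool);
}

// Hypothetical hook a pool notifies whenever a lock is created (assumed).
interface ILockListener {
    function onLockCreated(address owner, uint256 lockId, uint256 amount) external;
}

abstract contract ReentrancyGuard {
    uint256 private _entered; // 0 = not entered, 1 = entered

    modifier nonReentrant() {
        require(_entered == 0, "reentrant call");
        _entered = 1;
        _;
        _entered = 0;
    }
}

error UnauthorizedToken();

// Interaction before effects: the listener runs while lockCount is still stale,
// so a re-entering call computes the same lockId as the outer call.
contract VulnerablePool {
    address public immutable sdlToken;
    ILockListener public immutable listener;
    uint256 public lockCount;
    mapping(uint256 => uint256) public lockAmount;

    constructor(address _sdlToken, ILockListener _listener) {
        sdlToken = _sdlToken;
        listener = _listener;
    }

    function onTokenTransfer(address _sender, uint256 _value, bytes calldata) external {
        if (msg.sender != sdlToken) revert UnauthorizedToken(); // check
        uint256 lockId = lockCount + 1;
        listener.onLockCreated(_sender, lockId, _value);         // interaction (too early)
        lockCount = lockId;                                      // effects
        lockAmount[lockId] = _value;
    }
}

// Checks, then effects, then the interaction, with a guard as a second line of
// defence: state is final before control leaves, and a nested call reverts.
contract HardenedPool is ReentrancyGuard {
    address public immutable sdlToken;
    ILockListener public immutable listener;
    uint256 public lockCount;
    mapping(uint256 => uint256) public lockAmount;

    constructor(address _sdlToken, ILockListener _listener) {
        sdlToken = _sdlToken;
        listener = _listener;
    }

    function onTokenTransfer(address _sender, uint256 _value, bytes calldata) external nonReentrant {
        if (msg.sender != sdlToken) revert UnauthorizedToken(); // check
        uint256 lockId = ++lockCount;                            // effects
        lockAmount[lockId] = _value;
        listener.onLockCreated(_sender, lockId, _value);         // interaction, last
    }
}

// Listener that abuses the callback. It must hold SDL tokens of its own; on the
// first notification it pushes a second transferAndCall through the token, which
// makes the token call pool.onTokenTransfer again from inside the first call.
contract ReenteringListener is ILockListener {
    IERC677 public immutable token;
    address public immutable pool;
    bool private reentered;

    constructor(IERC677 _token, address _pool) {
        token = _token;
        pool = _pool;
    }

    function onLockCreated(address, uint256, uint256 amount) external override {
        if (reentered) return;
        reentered = true;
        // Against VulnerablePool: the nested call sees lockCount == 0, writes lock 1,
        // then the outer call also writes lock 1, so two deposits end up as one lock.
        // Against HardenedPool: the nested call hits nonReentrant and reverts, which
        // unwinds this callback and the outer deposit with it.
        token.transferAndCall(pool, amount, "");
    }
}
```

To exercise it, deploy an ERC-677 token and one of the pools, deploy ReenteringListener with the token and pool addresses, fund the listener with tokens, then send a transferAndCall to the pool from any account. Against VulnerablePool the transaction succeeds but lockCount ends at 1 and lockAmount[1] holds only the outer deposit; against HardenedPool the whole transaction reverts with "reentrant call". The guard is deliberately a second layer: the corrected ordering alone already prevents the stale read, and the guard turns any remaining re-entry into a loud failure rather than silent corruption.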

Updates

Lead Judging Commences

0kage Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
