The SmartVaultManagerV5 contract is susceptible to a reentrancy vulnerability in the mint function, potentially allowing malicious actors to manipulate the state of the contract and exploit unintended behaviors. The vulnerability arises from the use of external calls to deploy a new SmartVault and subsequent interactions without proper reentrancy protection.
In the mint function, a new SmartVault is deployed via the ISmartVaultDeployer interface. After deploying the vault, the contract interacts with it by granting roles, emitting an event, and updating the last token ID. These interactions occur before the state changes in the _safeMint function.
The vulnerability allows a malicious SmartVault deployed during the ISmartVaultDeployer call to execute arbitrary code, including recursively calling the mint function again. This recursive call can interfere with the ongoing execution, potentially leading to unexpected states and behaviors.
If exploited, the reentrancy vulnerability could lead to unexpected state changes, unauthorized minting, and potential loss of funds or disruption of the contract's functionality.
Manual Review
Implement reentrancy protection using the "Checks-Effects-Interactions" pattern to ensure that external calls are made after state changes. Additionally, consider using the reentrancyGuard modifier to prevent reentrancy during critical operations.
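The recommended ordering, as an added sketch that is not the SmartVaultManagerV5 source: the contract, interface, mappings and event below are hypothetical stand-ins, and the inline guard follows the same idea as OpenZeppelin's ReentrancyGuard.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Hypothetical deployer interface for this sketch (not the project's ISmartVaultDeployer).
interface IVaultDeployer {
    function deploy(address manager, address owner) external returns (address);
}

// Hypothetical manager showing Checks-Effects-Interactions plus a reentrancy guard.
contract VaultManagerSketch {
    address public immutable deployer; // external contract, treated as untrusted here
    uint256 public lastToken;
    mapping(uint256 => address) public ownerOf;
    mapping(uint256 => address) public vaultOf;

    uint256 private _status = 1; // 1 = not entered, 2 = entered

    event VaultDeployed(address indexed vault, address indexed owner, uint256 tokenId);

    constructor(address _deployer) {
        deployer = _deployer;
    }

    // Reverts if mint() is re-entered while an earlier call is still executing.
    modifier nonReentrant() {
        require(_status == 1, "reentrant call");
        _status = 2;
        _;
        _status = 1;
    }

    function mint() external nonReentrant returns (address vault, uint256 tokenId) {
        // Effects first: allocate the id and record ownership before any
        // external call, so a nested call could never observe a stale lastToken.
        tokenId = ++lastToken;
        ownerOf[tokenId] = msg.sender;

        // Interaction last: control leaves this contract only here.
        vault = IVaultDeployer(deployer).deploy(address(this), msg.sender);
        require(vault != address(0), "deploy failed");

        // This write depends on the call's return value, so it cannot move
        // earlier; it is keyed by the local tokenId and covered by the guard.
        vaultOf[tokenId] = vault;
        emit VaultDeployed(vault, msg.sender, tokenId);
    }
}
```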
Affected Component: mint function in the SmartVaultManagerV5 contract.