The Standard

DeFi, Hardhat
20,000 USDC
Submission Details
Severity: medium
Invalid

Unrestricted Multiple Claims in `claimRewards` Function

Summary

The claimRewards function in the provided Solidity contract does not check whether a caller has already claimed, potentially allowing a malicious actor to exploit the contract by calling the function repeatedly.

Vulnerability Details

The claimRewards function lets users claim their rewards for each accepted token without restricting the number of claims. This missing validation leaves open the possibility that a malicious actor calls the function repeatedly, potentially draining funds or manipulating the contract's behavior.

    function claimRewards() external {
        ITokenManager.Token[] memory _tokens = ITokenManager(tokenManager).getAcceptedTokens();
        for (uint256 i = 0; i < _tokens.length; i++) {
            ITokenManager.Token memory _token = _tokens[i];
            // rewards are keyed by (user, token symbol)
            uint256 _rewardAmount = rewards[abi.encodePacked(msg.sender, _token.symbol)];
            if (_rewardAmount > 0) {
                delete rewards[abi.encodePacked(msg.sender, _token.symbol)];
                if (_token.addr == address(0)) {
                    // native ETH reward
                    (bool _sent,) = payable(msg.sender).call{value: _rewardAmount}("");
                    require(_sent);
                } else {
                    // ERC20 reward
                    IERC20(_token.addr).transfer(msg.sender, _rewardAmount);
                }
            }
        }
    }

Impact

The missing check in the claimRewards function allows malicious users to make multiple claims, potentially draining rewards intended for other legitimate users. This could unbalance the distribution of rewards and undermine the fairness of the contract.

Tools Used

Manual review

Recommendations

Implement a check that enforces one-time claiming per user. Maintain a mapping that records whether an address has already claimed rewards, and add a condition at the start of claimRewards that rejects a second call from the same address.

    mapping(address => bool) public hasClaimedRewards;

    function claimRewards() external {
        require(!hasClaimedRewards[msg.sender], "Rewards already claimed");
        // ... (rest of the existing code)
        hasClaimedRewards[msg.sender] = true;
    }

This mitigation ensures that each address can claim rewards only once, preventing repeated claims by malicious actors and preserving the fairness of the contract's reward distribution.
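A complete version of the recommended mitigation, added here as an example and not code from The Standard's codebase: it keeps the original delete-before-transfer ordering, adds the per-address flag the report proposes, and adds a minimal reentrancy lock. The ITokenManager.Token fields and the _claimLock guard are assumptions for this example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added example, not the project's code. Only the Token fields used by
// claimRewards are assumed here; the real interface may carry more.
interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
}

interface ITokenManager {
    struct Token { bytes32 symbol; address addr; }
    function getAcceptedTokens() external view returns (Token[] memory);
}

contract RewardsClaimExample {
    address public tokenManager;
    // keyed by abi.encodePacked(user, symbol), as in the reported function
    mapping(bytes => uint256) public rewards;
    // one-time-claim flag recommended by the report; it is permanent per
    // address, so any path that credits new rewards later must reset it
    mapping(address => bool) public hasClaimedRewards;
    bool private _claimLock; // hypothetical minimal reentrancy guard

    constructor(address _tokenManager) { tokenManager = _tokenManager; }

    function claimRewards() external {
        require(!_claimLock, "Reentrant call");
        _claimLock = true;
        require(!hasClaimedRewards[msg.sender], "Rewards already claimed");
        // set the flag before any external call so reentry cannot bypass it
        hasClaimedRewards[msg.sender] = true;

        ITokenManager.Token[] memory _tokens = ITokenManager(tokenManager).getAcceptedTokens();
        for (uint256 i = 0; i < _tokens.length; i++) {
            ITokenManager.Token memory _token = _tokens[i];
            bytes memory key = abi.encodePacked(msg.sender, _token.symbol);
            uint256 _rewardAmount = rewards[key];
            if (_rewardAmount > 0) {
                // zero the balance before transferring (effects before interactions)
                delete rewards[key];
                if (_token.addr == address(0)) {
                    (bool _sent,) = payable(msg.sender).call{value: _rewardAmount}("");
                    require(_sent, "ETH transfer failed");
                } else {
                    require(IERC20(_token.addr).transfer(msg.sender, _rewardAmount), "Token transfer failed");
                }
            }
        }
        _claimLock = false;
    }
}
```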

Updates

Lead Judging Commences

hrishibhat Lead Judge almost 2 years ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags: claims-reentrancy, informational/invalid
