The Standard

DeFi, Hardhat
20,000 USDC
Submission Details
Severity: low
Invalid

`LiquidationPool::distributeFees` should follow the CEI pattern to avoid a potential re-entrancy issue.

Summary

The distributeFees function does not follow the CEI (Checks -> Effects -> Interactions) pattern.

Vulnerability Details

The function makes an external call before it changes any state: the safeTransferFrom call on the EUROs token runs before positions and pendingStakes are updated. If that call could hand control back to the caller, it would do so while the fee accounting is still stale.

function distributeFees(uint256 _amount) external onlyManager {
    uint256 tstTotal = getTstTotal();
    if (tstTotal > 0) {
        // External call before any state update: this is the ordering the report flags
        IERC20(EUROs).safeTransferFrom(msg.sender, address(this), _amount);
        for (uint256 i = 0; i < holders.length; i++) {
            address _holder = holders[i];
            positions[_holder].EUROs += _amount * positions[_holder].TST / tstTotal;
        }
        for (uint256 i = 0; i < pendingStakes.length; i++) {
            pendingStakes[i].EUROs += _amount * pendingStakes[i].TST / tstTotal;
        }
    }
}

Impact

This leaves LiquidationPool::distributeFees potentially open to re-entrancy, should the EUROs token ever be able to call back into the pool during the transfer.

Tools Used

Manual Review

Recommendations

Use OpenZeppelin's nonReentrant modifier, or reorder the function so that the safeTransferFrom() call comes after both loops have updated positions and pendingStakes.
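The following is an added example, not code from The Standard's repository, showing the recommended reordering applied to the snippet in Vulnerability Details. It is a stripped-down pool whose storage names (holders, pendingStakes, positions, EUROs) mirror the report; the contract name CeiLiquidationPool, the constructor wiring, the PendingStake layout, the getTstTotal implementation and the OpenZeppelin 5.x import paths are assumptions made for illustration only.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example, not The Standard's code. Storage names mirror the report's
// snippet; constructor wiring, PendingStake layout and getTstTotal are assumed.
// Import paths follow OpenZeppelin Contracts 5.x.
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import {ReentrancyGuard} from "@openzeppelin/contracts/utils/ReentrancyGuard.sol";

contract CeiLiquidationPool is ReentrancyGuard {
    using SafeERC20 for IERC20;

    struct Position {
        uint256 TST;   // staked TST backing this holder's share
        uint256 EUROs; // fees credited to this holder
    }

    struct PendingStake {
        address holder;
        uint256 TST;
        uint256 EUROs;
    }

    address public immutable EUROs;
    address public immutable manager;

    address[] public holders;
    PendingStake[] public pendingStakes;
    mapping(address => Position) public positions;

    constructor(address _EUROs, address _manager) {
        EUROs = _EUROs;
        manager = _manager;
    }

    modifier onlyManager() {
        require(msg.sender == manager, "not manager");
        _;
    }

    // Sum of TST across settled positions and stakes still pending (assumed).
    function getTstTotal() public view returns (uint256 total) {
        for (uint256 i = 0; i < holders.length; i++) {
            total += positions[holders[i]].TST;
        }
        for (uint256 i = 0; i < pendingStakes.length; i++) {
            total += pendingStakes[i].TST;
        }
    }

    // Checks -> Effects -> Interactions ordering of the report's function.
    // Behaviour is unchanged: when tstTotal is zero nothing is pulled and
    // nothing is credited, exactly as in the original `if (tstTotal > 0)` branch.
    function distributeFees(uint256 _amount) external onlyManager nonReentrant {
        // Checks
        uint256 tstTotal = getTstTotal();
        if (tstTotal == 0) return;

        // Effects: every storage write completes before any external call
        for (uint256 i = 0; i < holders.length; i++) {
            address _holder = holders[i];
            positions[_holder].EUROs += _amount * positions[_holder].TST / tstTotal;
        }
        for (uint256 i = 0; i < pendingStakes.length; i++) {
            pendingStakes[i].EUROs += _amount * pendingStakes[i].TST / tstTotal;
        }

        // Interactions: the token call is last, so even a token that hands
        // control back to the caller sees finished accounting, and the
        // nonReentrant guard rejects a second entry outright.
        IERC20(EUROs).safeTransferFrom(msg.sender, address(this), _amount);
    }
}
```

The reorder alone is enough for a plain ERC20 EUROs token, whose transferFrom never calls back into msg.sender, which is why there is no concrete re-entry point in the snippet as written. The nonReentrant guard is belt-and-braces for the case where the token is later swapped for one with transfer hooks; it costs extra storage writes on every call, so teams that want the cheapest change can take just the reordering.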

Updates

Lead Judging Commences

hrishibhat Lead Judge almost 2 years ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

informational/invalid
