The Standard

DeFi, Hardhat
20,000 USDC
Submission Details
Severity: low
Invalid

Incorrect totalSupply during read-only reentrancy

Summary

This is not the well-known reentrancy issue; it is about read-only reentrancy.
More information about this type of attack: https://medium.com/@zokyo.io/read-only-reentrancy-attacks-understanding-the-threat-to-your-smart-contracts-99444c0a7334

Vulnerability Details

Reentrancy of this kind does not require re-entering the same function. During mint(), _safeMint() hands control to the recipient's onERC721Received() callback, and from there another contract (possibly a different protocol) can call the view functions of SmartVaultManagerV5 and receive inconsistent data.
Example:
1. The user deploys their own contract (rContract.sol, for example).
2. The user calls rContract.start(), which calls SmartVaultManagerV5.mint(), which in turn calls rContract.onERC721Received() from inside _safeMint().
3. Inside onERC721Received(), rContract calls another protocol, and that protocol calls SmartVaultManagerV5.totalSupply() at this moment.
4. It gets the wrong count of minted tokens, because totalSupply() returns the value of the lastToken variable, and that variable is only updated after _safeMint() has finished executing.
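The sequence above, as an added example that is not part of the original submission or the project's code. VaultManagerStandIn is a constructed stand-in for the mint()/totalSupply() pair the finding describes (its mint() returns only the token id; the real function also returns a vault address), ReadOnlyReentrancyProbe plays the role of rContract together with the "other protocol" that reads totalSupply() from inside onERC721Received(), and the fixOrder flag is an assumption used only to run both state-write orders side by side. It uses the OpenZeppelin ERC721 and IERC721Receiver contracts.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import "@openzeppelin/contracts/token/ERC721/ERC721.sol";
import "@openzeppelin/contracts/token/ERC721/IERC721Receiver.sol";

// Constructed stand-in for the mint()/totalSupply() pair described in the finding.
// It is NOT the project's SmartVaultManagerV5. `fixOrder` is an assumption for
// illustration: false = reported order (write after _safeMint), true = recommended
// order (write before _safeMint).
contract VaultManagerStandIn is ERC721 {
    uint256 public lastToken;
    bool public immutable fixOrder;

    constructor(bool _fixOrder) ERC721("Vault", "VLT") {
        fixOrder = _fixOrder;
    }

    // Mirrors the finding: the supply view is just the lastToken counter.
    function totalSupply() external view returns (uint256) {
        return lastToken;
    }

    function mint() external returns (uint256 tokenId) {
        tokenId = lastToken + 1;
        if (fixOrder) lastToken = tokenId;  // effects before the external interaction
        // For a contract recipient, _safeMint calls onERC721Received, which is the
        // window in which another contract can read totalSupply().
        _safeMint(msg.sender, tokenId);
        if (!fixOrder) lastToken = tokenId; // reported order: view is stale during the callback
    }
}

// Constructed minter that records what totalSupply() reports while still inside
// the mint() call frame (the "other protocol" read is folded into the callback).
contract ReadOnlyReentrancyProbe is IERC721Receiver {
    VaultManagerStandIn public immutable manager;
    uint256 public tokenIdReceived;
    uint256 public supplySeenInCallback;

    constructor(VaultManagerStandIn _manager) {
        manager = _manager;
    }

    function start() external returns (uint256 idMinted, uint256 supplySeen) {
        idMinted = manager.mint();
        supplySeen = supplySeenInCallback;
    }

    function onERC721Received(address, address, uint256 tokenId, bytes calldata)
        external
        override
        returns (bytes4)
    {
        require(msg.sender == address(manager), "unexpected caller");
        tokenIdReceived = tokenId;
        supplySeenInCallback = manager.totalSupply(); // read during the callback
        return IERC721Receiver.onERC721Received.selector;
    }
}

// Driver: runs both orders once and returns what each callback observed.
contract Demo {
    function run() external returns (uint256 staleSupply, uint256 fixedSupply) {
        ReadOnlyReentrancyProbe reported =
            new ReadOnlyReentrancyProbe(new VaultManagerStandIn(false));
        (, staleSupply) = reported.start();

        ReadOnlyReentrancyProbe recommended =
            new ReadOnlyReentrancyProbe(new VaultManagerStandIn(true));
        (, fixedSupply) = recommended.start();
    }
}
```

Deploy Demo (for instance from a Hardhat test) and call run(): the first mint assigns token id 1, so in the reported order the callback sees totalSupply() equal to 0 while it already holds token 1, whereas in the recommended order it sees 1. The probe's require on msg.sender is there so that the stored value can only come from the manager it was constructed with.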

Impact

Other contracts (protocols) could read wrong data from the SmartVaultManagerV5 contract while a new vault is being minted.

Tools Used

Manual review

Recommendations

First update the lastToken variable, then call _safeMint():

function mint() external returns (address vault, uint256 tokenId) {
tokenId = lastToken + 1;
+ lastToken = tokenId;
_safeMint(msg.sender, tokenId);
- lastToken = tokenId;
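Review bot: the reordering at the `+ lastToken = tokenId;` / `- lastToken = tokenId;` lines is the checks-effects-interactions fix and makes totalSupply() consistent with the token being minted during the onERC721Received callback, but it also changes reentrant behaviour and that should be stated as intended: with the original order a nested mint() from the callback recomputes the same tokenId and (assuming a standard ERC721 _safeMint, which reverts on an already-existing id) fails, whereas with the write moved first a nested mint() gets the next id and succeeds. The snippet also stops before the function's closing brace and before the statement that sets the returned vault address, so it is not applicable as shown; include the full function body.
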
Updates

Lead Judging Commences

hrishibhat (Lead Judge), over 1 year ago
Submission Judgement Published
Invalidated
Reason: Lack of quality
Assigned finding tags:

informational/invalid
