Attacker can repeatedly call the function `repayBadDebtWithReserves` before the state changes are completed, manipulate the contract's state, drain its reserves/disrupt its normal operation.
Summary
The repayBadDebtWithReserves function in the MErc20DelegateFixer contract is susceptible to a reentrancy attack. This allows an attacker to repeatedly call the function before the state changes are completed, manipulation of the contract's state hence is possible.
Vulnerability Details
The vulnerability arises due to the lack of proper protection against reentrancy in the repayBadDebtWithReserves function. The function performs state changes, such as updating the bad debt counter and total reserves, but does not implement safeguards to prevent reentrancy attacks.
Impact
If exploited, this vulnerability could allow an attacker to manipulate the contract's state, drain its reserves, or disrupt its normal operation. For example, an attacker could repeatedly call repayBadDebtWithReserves to reduce the bad debt counter and reserves, potentially leading to financial losses for users or destabilization of the protocol.
Tools Used
Manual
Recommendations
Use the nonReentrant modifier or a reentrancy guard to prevent reentrancy attacks, Implement the checks-effects-interactions pattern to ensure that state changes are completed before interacting with external contracts, Consider using the withdrawal pattern to separate state updates from external interactions, reducing the attack surface for reentrancy vulnerabilities.
Prize pool breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.