Beginner Friendly, DeFi, Foundry
100 EXP
Submission Details
Severity: high
Valid

Reentrancy in 'Claim' Function

Summary

Any account can claim 25 tokens 4 times.

Vulnerability Details

The `claim` function allows reentrant calls: an attacker could call it multiple times before the state change takes effect, thereby claiming more tokens than allowed.

Impact

If an eligible user can claim more tokens than intended, they could deplete the contract's token reserve, leading to significant financial losses.

Tools Used

Personal review

Recommendations

Track which accounts have already claimed in a `mapping(address => bool) claimed;` state variable, declare an `error already___claimed();`, and have `claim` check and set that flag before the token transfer (checks-effects-interactions), so a second call for the same account reverts:

```solidity
mapping(address => bool) private claimed;
error already___claimed();

function claim(address account, uint256 amount, bytes32[] calldata merkleProof) external payable {
    // Reject accounts that have already claimed.
    if (claimed[account]) {
        revert already___claimed();
    }
    // The contract takes the fee.
    if (msg.value != FEE) {
        revert MerkleAirdrop__InvalidFeeAmount();
    }
    bytes32 leaf = keccak256(bytes.concat(keccak256(abi.encode(account, amount))));
    if (!MerkleProof.verify(merkleProof, i_merkleRoot, leaf)) {
        revert MerkleAirdrop__InvalidProof();
    }
    // Effects before interactions: mark the account as claimed before transferring,
    // so a reentrant call made during the transfer is caught by the check above.
    claimed[account] = true;
    emit Claimed(account, amount);
    i_airdropToken.safeTransfer(account, amount);
}
```
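A Foundry regression test for the multi-claim finding, added here as an example and not part of the submission or the audited project. It assumes the contract lives at `src/MerkleAirdrop.sol` with a `constructor(bytes32 merkleRoot, IERC20 airdropToken)`, that `FEE` is a public constant, that OpenZeppelin v5's `ERC20Mock` is available, and that the fix declares the `already___claimed` error from the recommendation above; the Merkle tree and the 25-token allocation are constructed for the test.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {Test} from "forge-std/Test.sol";
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {ERC20Mock} from "@openzeppelin/contracts/mocks/token/ERC20Mock.sol";
import {MerkleAirdrop} from "../src/MerkleAirdrop.sol"; // assumed path and constructor

contract MultiClaimTest is Test {
    MerkleAirdrop airdrop;
    ERC20Mock token;
    address user = makeAddr("user");
    uint256 constant AMOUNT = 25e18; // constructed per-account allocation
    bytes32 root;
    bytes32[] proof;

    function setUp() public {
        // Constructed two-leaf tree: leaf0 is the user, leaf1 a second eligible address.
        // Leaves are double-hashed exactly as claim() computes them.
        bytes32 leaf0 = keccak256(bytes.concat(keccak256(abi.encode(user, AMOUNT))));
        bytes32 leaf1 = keccak256(bytes.concat(keccak256(abi.encode(makeAddr("other"), AMOUNT))));
        // OpenZeppelin's MerkleProof hashes each sibling pair in sorted order.
        root = leaf0 < leaf1
            ? keccak256(abi.encodePacked(leaf0, leaf1))
            : keccak256(abi.encodePacked(leaf1, leaf0));
        proof.push(leaf1); // the user's proof is just its sibling

        token = new ERC20Mock();
        airdrop = new MerkleAirdrop(root, IERC20(address(token))); // assumed constructor
        token.mint(address(airdrop), 4 * AMOUNT); // reserve sized for four claimants
        vm.deal(user, 1 ether);
    }

    function test_sameAccountCannotClaimTwice() public {
        uint256 fee = airdrop.FEE(); // assumes FEE is a public constant
        vm.startPrank(user);
        airdrop.claim{value: fee}(user, AMOUNT, proof);
        // On the unfixed contract this second call succeeds and drains the reserve;
        // with the claimed mapping in place it must revert.
        vm.expectRevert(MerkleAirdrop.already___claimed.selector);
        airdrop.claim{value: fee}(user, AMOUNT, proof);
        vm.stopPrank();
        assertEq(token.balanceOf(user), AMOUNT);
    }
}
```

Run it with `forge test --match-test test_sameAccountCannotClaimTwice`; it fails against the original contract and passes once the `claimed` mapping is in place.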

Updates

Lead Judging Commences

inallhonesty Lead Judge
about 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

multi-claim-airdrop
