Beginner FriendlyFoundryNFT
Submission Details
Severity: low
Invalid

Reentrancy Attack Vulnerability in withdraw Function Due to Missing Check-Effects-Interactions

Summary

The withdraw function in the Dussehra contract is susceptible to reentrancy attacks due to the incorrect implementation of the check-effects-interactions pattern. This allows an attacker to recursively call the withdraw function and drain the contract's funds.

Vulnerability Details

The withdraw function in the Dussehra contract does not follow the check-effects-interactions pattern, which leaves it vulnerable to reentrancy attacks. This function allows the selected Ram to withdraw funds, but because the state variable totalAmountGivenToRam is updated after the external call to msg.sender.call{value: amount}(""), an attacker can exploit this by recursively calling the withdraw function before totalAmountGivenToRam is set to 0.

Impact

An attacker can repeatedly call the withdraw function and withdraw the same funds multiple times.

Tools Used

Manual review

Recommendations

To mitigate this vulnerability, implement the check-effects-interactions pattern properly by updating the state before making any external calls.

```solidity
function withdraw() public RamIsSelected OnlyRam RavanKilled {
    if (totalAmountGivenToRam == 0) {
        revert Dussehra__AlreadyClaimedAmount();
    }
    uint256 amount = totalAmountGivenToRam;
    totalAmountGivenToRam = 0; // Update state before external call
    (bool success, ) = msg.sender.call{value: amount}("");
    require(success, "Failed to send money to Ram");
}
```

Updates

Lead Judging Commences

bube Lead Judge over 1 year ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

Invalid - reentrancy in withdraw

The `withdraw` function sends the given amount to Ram. If the attacker calls the `withdraw` function again before the state variable is changed, the function will revert because there are no more funds in the contract. This reentrancy has no impact for the protocol. It is recommended to follow the CEI pattern, but this is informational.
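The ordering the report flags, placed beside the recommended check-effects-interactions ordering, as an added illustration that is not code from the Dussehra contract, the submission or the judge. The contract shell, the `selectedRam` variable, the `Dussehra__NotRam` error and the single `OnlyRam` modifier are simplified assumptions; only the two `withdraw` bodies matter.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Simplified stand-in for the Dussehra contract (assumption: only the
// pieces needed to show the withdraw ordering are modelled here).
contract DussehraWithdrawExample {
    error Dussehra__AlreadyClaimedAmount();
    error Dussehra__NotRam(); // assumed name, not from the contract

    address public selectedRam;            // assumed name
    uint256 public totalAmountGivenToRam;  // amount reserved for Ram

    constructor(address ram) payable {
        selectedRam = ram;
        // Assumption matching the judge's note: the contract holds
        // exactly the amount owed to Ram and nothing more.
        totalAmountGivenToRam = msg.value;
    }

    modifier OnlyRam() {
        if (msg.sender != selectedRam) revert Dussehra__NotRam();
        _;
    }

    // BEFORE (ordering the report flags): the interaction comes before
    // the effect, so totalAmountGivenToRam is still non-zero while the
    // recipient's receive() hook runs. As the judge observes, a nested
    // call then fails because the contract has no further balance, and
    // require(success) unwinds the whole transaction: no extra payout.
    function withdrawVulnerable() public OnlyRam {
        if (totalAmountGivenToRam == 0) revert Dussehra__AlreadyClaimedAmount();
        uint256 amount = totalAmountGivenToRam;
        (bool success, ) = msg.sender.call{value: amount}("");
        require(success, "Failed to send money to Ram");
        totalAmountGivenToRam = 0; // effect after interaction
    }

    // AFTER (recommended): check, then effect, then interaction.
    // A nested call now hits the zero check and reverts regardless of
    // how much ether the contract happens to hold at the time.
    function withdrawCEI() public OnlyRam {
        if (totalAmountGivenToRam == 0) revert Dussehra__AlreadyClaimedAmount();
        uint256 amount = totalAmountGivenToRam;
        totalAmountGivenToRam = 0; // effect before interaction
        (bool success, ) = msg.sender.call{value: amount}("");
        require(success, "Failed to send money to Ram");
    }
}
```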
