NFTBridge
60,000 USDC
Submission Details
Severity: low
Invalid

Reentrancy Attacks

Summary

Lines interacting with external contracts without a clear reentrancy guard:

Vulnerability Details

The contract interacts with external contracts, particularly in the depositTokens and withdrawTokens functions, where it sends messages to another contract via IStarknetMessaging. If these external calls (sendMessageToL2, startL1ToL2MessageCancellation, cancelL1ToL2Message) can trigger callbacks or allow for re-entry into the contract before state updates are finalized, it could lead to reentrancy attacks.

IStarknetMessaging(_starknetCoreAddress).sendMessageToL2{value: msg.value}(...); // Line 137
IStarknetMessaging(_starknetCoreAddress).startL1ToL2MessageCancellation(...); // Line 227
IStarknetMessaging(_starknetCoreAddress).cancelL1ToL2Message(...); // Line 247

Impact

An attacker could drain funds or disrupt contract logic by recursively calling functions before the first invocation completes, potentially leading to loss of funds or unauthorized actions.

Tools Used

Manual code review

Recommendations

Perform state changes before calling external contracts (the checks-effects-interactions pattern), and use a reentrancy guard such as the nonReentrant modifier from OpenZeppelin's ReentrancyGuard.
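The recommended ordering applied to a hypothetical deposit path, as an added illustration that is not the NFTBridge code: bookkeeping is updated before the external calls, and the function is wrapped in OpenZeppelin's nonReentrant. The contract, its storage layout, the IStarknetMessaging interface declaration and the payload encoding are assumptions made for this example; the OpenZeppelin import paths assume v5.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import "@openzeppelin/contracts/utils/ReentrancyGuard.sol";
import "@openzeppelin/contracts/token/ERC20/IERC20.sol";

// Minimal interface for the Starknet core call named in the report.
// Signature assumed from the public Starknet core contract, not taken from NFTBridge.
interface IStarknetMessaging {
    function sendMessageToL2(uint256 toAddress, uint256 selector, uint256[] calldata payload)
        external payable returns (bytes32, uint256);
}

// Hypothetical deposit contract showing checks-effects-interactions plus a reentrancy guard.
contract DepositCeiExample is ReentrancyGuard {
    IStarknetMessaging public immutable starknetCore;
    uint256 public immutable l2Bridge;        // assumed L2 recipient contract address
    uint256 public immutable depositSelector; // assumed L2 handler selector
    mapping(address => mapping(address => uint256)) public deposited;

    constructor(address core, uint256 l2Bridge_, uint256 selector_) {
        starknetCore = IStarknetMessaging(core);
        l2Bridge = l2Bridge_;
        depositSelector = selector_;
    }

    function depositTokens(address token, uint256 amount, uint256 l2Recipient)
        external payable nonReentrant
    {
        // Checks: validate inputs before touching state.
        require(amount > 0, "zero amount");

        // Effects: finalize bookkeeping before any external call, so a
        // re-entrant caller would already observe the updated state.
        deposited[msg.sender][token] += amount;

        // Interactions: pull the tokens, then send the L1 -> L2 message.
        require(IERC20(token).transferFrom(msg.sender, address(this), amount), "transfer failed");
        uint256[] memory payload = new uint256[](3); // assumed payload layout
        payload[0] = uint256(uint160(token));
        payload[1] = l2Recipient;
        payload[2] = amount;
        starknetCore.sendMessageToL2{value: msg.value}(l2Bridge, depositSelector, payload);
    }
}
```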

Updates

Lead Judging Commences

n0kto Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
Assigned finding tags:

Informational / Gas

Please do not suppose impacts; think about the real impact of the bug and check the CodeHawks documentation to confirm: https://docs.codehawks.com/hawks-auditors/how-to-determine-a-finding-validity. A PoC always helps to understand the real impact possible.
