The stakeFor
function involves transferring tokens and updating state variables. The current implementation of the function allows for a reentrancy attack because it does not follow the Check-Effects-Interactions (CEI) pattern. Ensuring that all state updates are completed before any external calls are made is crucial to prevent such attacks.
found in stakeFor
function in the TempleGoldStaking.sol
smart contract.
If a reentrancy attack is possible, an attacker could exploit the contract to call the function repeatedly before the initial execution completes, potentially leading to inconsistencies and unauthorized operations, resulting in loss of funds or other unexpected behaviors.
The function stakeFor
currently looks like this:
In this code, the safeTransferFrom
call is an external interaction that occurs before state updates are fully completed, which violates the CEI pattern.
An attacker could craft a malicious stakingToken
contract to re-enter the stakeFor
function during the safeTransferFrom
call.
Manual audit, Foundry
To prevent reentrancy attacks, follow the CEI pattern: perform all state changes before making external calls. Reorder the function to update the state variables before the external call.
Example Mitigation:
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.