Summary: The CEI (Checks-Effects-Interactions) pattern is not followed in the ThePredicter::cancelRegistration function. This allows an attacker to re-enter the function and withdraw the entrance fee multiple times.
Vulnerability details: The following code snippet demonstrates the reentrancy vulnerability in the ThePredicter::cancelRegistration function. Paste the following proof of concept into the ThePredicter.test.sol file:
Test:
Attacker contract:
Impact: An attacker can drain all funds from the contract, including the entrance and prediction fees.
Tools used: Manual review
Recommendations: Follow the CEI pattern in the ThePredicter::cancelRegistration function to prevent reentrancy attacks. To do so, move the state change to the beginning of the function, before the external call that refunds the entrance fee.
Reentrancy of ThePredicter::cancelRegistration allows a malicious user to drain all funds.