Submission Details
Severity: high
Invalid

Reentrancy Attack Vulnerability: ThePredicter::withdrawPredictionFees uses the call method to transfer funds to msg.sender

Relevant GitHub Links

https://github.com/Cyfrin/2024-07-the-predicter/blob/main/src/ThePredicter.sol#L101-L109

Summary

The withdrawPredictionFees function uses the call method to transfer funds to msg.sender. This is vulnerable to reentrancy attacks because the state change occurs after the fund transfer.

Vulnerability Details

Using call to transfer funds exposes the function to reentrancy attacks. The relevant code is:

function withdrawPredictionFees() public {
    if (msg.sender != organizer) {
        revert ThePredicter__NotEligibleForWithdraw();
    }
    // Fees are everything above the players' refundable entrance fees.
    uint256 fees = address(this).balance - players.length * entranceFee;
    // External call that hands control to msg.sender before the function ends.
@>  (bool success, ) = msg.sender.call{value: fees}("");
    require(success, "Failed to withdraw");
}

Impact

An attacker could exploit this vulnerability to call the withdrawPredictionFees function repeatedly within a single transaction, draining the contract's funds. Reentrancy attacks can severely impact the integrity and financial stability of the contract.

Tools Used

Manual review

Recommendations

Implement a reentrancy guard to prevent reentrant calls.
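The following is an added example of the recommended mitigation, not code from the ThePredicter repository: a minimal mutex-style reentrancy guard applied to the withdrawal function shown above. The state variables (organizer, players, entranceFee) and the custom error name ThePredicter__ReentrantCall are assumptions chosen to match the snippet.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example (not the project's own code): withdrawPredictionFees
// protected by a simple mutex so that any nested call made from the
// organizer's receive/fallback during the value transfer reverts.
contract ThePredicterGuarded {
    error ThePredicter__NotEligibleForWithdraw();
    error ThePredicter__ReentrantCall(); // assumed name, added for this example

    address public organizer;
    address[] public players;
    uint256 public entranceFee;

    // Guard state: 1 = not entered, 2 = entered. Non-zero values keep the
    // slot initialised and avoid the extra cost of clearing it back to zero.
    uint256 private _status = 1;

    modifier nonReentrant() {
        if (_status == 2) revert ThePredicter__ReentrantCall();
        _status = 2;
        _;
        _status = 1;
    }

    constructor(uint256 _entranceFee) {
        organizer = msg.sender;
        entranceFee = _entranceFee;
    }

    // Accept ether so that fees can accumulate in the contract.
    receive() external payable {}

    // Hardened version: the modifier sets the lock before the external
    // call, so a re-entrant call hits the lock and reverts before any
    // second transfer can take place. The organizer check is unchanged.
    function withdrawPredictionFees() public nonReentrant {
        if (msg.sender != organizer) {
            revert ThePredicter__NotEligibleForWithdraw();
        }
        uint256 fees = address(this).balance - players.length * entranceFee;
        (bool success, ) = msg.sender.call{value: fees}("");
        require(success, "Failed to withdraw");
    }
}
```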

Updates

Lead Judging Commences

NightHawK Lead Judge 12 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
