DeFiFoundry
60,000 USDC
Submission Details
Severity: medium
Invalid

Possible Reentrancy in performUpkeep function

Relevant GitHub Links

https://github.com/Cyfrin/2024-07-zaros/blob/main/src/external/chainlink/keepers/liquidation/LiquidationKeeper.sol#L100-L106

Summary

If perpsEngine.liquidateAccounts is not properly secured, it could lead to reentrancy issues. Although the code does not include direct value transfers, it is still good practice to ensure that reentrancy is not possible.

Vulnerability Details

Potential Reentrancy: External call to perpsEngine.liquidateAccounts without reentrancy guard.

function performUpkeep(bytes calldata peformData) external override onlyForwarder {
    // Decode the account IDs passed in as perform data.
    uint128[] memory accountsToBeLiquidated = abi.decode(peformData, (uint128[]));
    LiquidationKeeperStorage storage self = _getLiquidationKeeperStorage();
    (IPerpsEngine perpsEngine) = (self.perpsEngine);
    // External call made without a reentrancy guard on this function.
    perpsEngine.liquidateAccounts(accountsToBeLiquidated);
}

Impact

If liquidateAccounts is vulnerable, it could be exploited.

Tools Used

Manual

Recommendations

Ensure that the liquidateAccounts function in IPerpsEngine is not vulnerable to reentrancy, or add a reentrancy guard to performUpkeep:

+ bool private locked;
+ modifier noReentrancy() {
+ require(!locked, "No reentrancy");
+ locked = true;
+ _;
+ locked = false;
+ }
function performUpkeep(bytes calldata peformData) external override onlyAuthorized noReentrancy {
uint128[] memory accountsToBeLiquidated = abi.decode(peformData, (uint128[]));
LiquidationKeeperStorage storage self = _getLiquidationKeeperStorage();
(IPerpsEngine perpsEngine) = (self.perpsEngine);
perpsEngine.liquidateAccounts(accountsToBeLiquidated);
}
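
Review bot: The performUpkeep signature line swaps onlyForwarder for onlyAuthorized without a +/- marker, and onlyAuthorized is not defined anywhere in the visible lines; keep onlyForwarder and append only noReentrancy so the access control stays as it was. The lock is declared as a plain "bool private locked" while the function reads its state through _getLiquidationKeeperStorage(), so consider keeping the flag in that storage struct for consistency with the rest of the contract. The recommendation also shows no path by which liquidateAccounts could call back into performUpkeep, which is the case the guard is meant to stop.
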
Updates

Lead Judging Commences

inallhonesty Lead Judge 11 months ago
Submission Judgement Published
Invalidated
Reason: Lack of quality