When calling delegatecall
the same msg.value
amount will be accredited multiple times.
The contract TradingAccountBranch
uses the delegatecall
proxy pattern (which takes user-provided call data) in a payable
function within a loop. This means that each delegatecall
within the for
loop will retain the msg.value
of the transaction.
The protocol does not currently use the msg.value
in any meaningful way.
The use of delegatecall
within a loop, in the context of a payable
function, can lead to the repeated crediting of the msg.value
amount, potentially causing unexpected behavior or loss of funds.
When calling the function badCall
the same msg.value
amount will be accredited multiple times.
Slither/Aderyn/Solodit
The function called by delegatecall should not be payable
/ doesn't use msg.value
.
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.