Summary: The stake function violates the Checks-Effects-Interactions (CEI) pattern, potentially allowing a reentrancy attack.
Vulnerability Details: The stake function updates the contract’s state after making an external call, violating the CEI pattern. This could enable a reentrancy attack, allowing an attacker to exploit the contract and withdraw more funds than they are entitled to. Separately, if a transfer fails but the state is still updated, the contract’s accounting could be left inconsistent with the funds it actually holds.
Impact: Potential loss of funds from the contract.
Tools Used: Manual code review.
Recommendations: Reorder the stake function to ensure all state changes occur before any external calls.
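The reordering recommended above, as an added example that is not the audited contract's code: the contract name, the `IERC20` interface, the storage layout and both function bodies are hypothetical, since the original `stake` function is not shown in this finding. The `nonReentrant` guard goes beyond the recommendation and is included as defense in depth.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Minimal token interface (assumption: the staked asset is an ERC-20-style token).
interface IERC20 {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

// Hypothetical staking contract; illustrates call ordering only.
contract StakingExample {
    IERC20 public immutable token;
    mapping(address => uint256) public staked;
    uint256 public totalStaked;
    bool private locked;

    constructor(IERC20 _token) {
        token = _token;
    }

    // Simple mutex: rejects any nested call into a guarded function.
    modifier nonReentrant() {
        require(!locked, "reentrant call");
        locked = true;
        _;
        locked = false;
    }

    // Ordering the finding describes: interaction first, effects afterwards.
    // Kept only for comparison with stake() below.
    function stakeUnordered(uint256 amount) external {
        require(amount > 0, "zero amount");
        token.transferFrom(msg.sender, address(this), amount); // external call, result ignored
        staked[msg.sender] += amount; // state written after control left the contract
        totalStaked += amount;
    }

    // Checks-Effects-Interactions ordering.
    function stake(uint256 amount) external nonReentrant {
        // Checks
        require(amount > 0, "zero amount");
        // Effects: state is final before any external code runs
        staked[msg.sender] += amount;
        totalStaked += amount;
        // Interactions: a failed transfer reverts the whole call, undoing the effects
        bool ok = token.transferFrom(msg.sender, address(this), amount);
        require(ok, "transfer failed");
    }
}
```

Because `stake` checks the return value and reverts on failure, the state updates made before the call are rolled back, which also addresses the failed-transfer case raised under Vulnerability Details.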