First Flight #21: KittyFi

Submission Details
Severity: high
Invalid

Potential Reentrancy Risk in Vault Withdrawals in the KittyVault.sol::executeWhiskdrawal function

Relevant GitHub Links
https://github.com/Cyfrin/2024-08-kitty-fi/blob/main/src/KittyVault.sol#L89-96

Summary

The executeWhiskdrawal function in the KittyVault contract, which handles the withdrawal of collateral, might be susceptible to reentrancy attacks. This risk arises if an ERC20 token used as collateral has a reentrancy vulnerability, despite the use of SafeERC20 for secure transfers.

```solidity
function executeWhiskdrawal(address _user, uint256 _cattyNipToWithdraw) external onlyPool {
    uint256 _ameownt = _cattyNipToWithdraw.mulDiv(getTotalMeowllateral(), totalCattyNip);
    userToCattyNip[_user] -= _cattyNipToWithdraw;
    totalCattyNip -= _cattyNipToWithdraw;
    totalMeowllateralInVault -= _ameownt;
    IERC20(i_token).safeTransfer(_user, _ameownt);
}
```

Vulnerability Details

The executeWhiskdrawal function in KittyVault enables users to withdraw their collateral. If the collateral token has a reentrancy issue, an attacker could exploit it to perform additional actions within the same transaction, potentially draining funds or causing unintended state changes. Although SafeERC20 is used for secure transfers, ensuring that the reentrancy protection pattern (checks-effects-interactions) is consistently applied across the contract is crucial to mitigating this risk.

Impact

If exploited, this vulnerability could allow an attacker to withdraw more funds than they are entitled to, leading to significant financial losses and undermining the contract's integrity. This could cause severe damage to the protocol’s reputation and user trust.

Tools Used

Manual

Recommendations

  • Implement Reentrancy Guard: Add a reentrancy guard to the executeWhiskdrawal function to prevent reentrancy attacks.

  • Re-check Effects-Interactions Pattern: Ensure that the checks-effects-interactions pattern is strictly followed in all functions dealing with external contract interactions.
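Both recommendations applied to the withdrawal path, as an added example that is not KittyFi's code: the vault inherits OpenZeppelin's ReentrancyGuard (v5 import paths assumed), the balance check and all accounting updates run before the single external call, and the GuardedVault name, the custom errors and the simplified body of getTotalMeowllateral are assumptions made for this example.

```solidity
pragma solidity ^0.8.20;

// Added example, not KittyFi's code: the withdrawal path with both
// recommendations applied. OpenZeppelin v5 import paths are assumed.
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {SafeERC20} from "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";
import {ReentrancyGuard} from "@openzeppelin/contracts/utils/ReentrancyGuard.sol";
import {Math} from "@openzeppelin/contracts/utils/math/Math.sol";

contract GuardedVault is ReentrancyGuard {
    using SafeERC20 for IERC20;
    using Math for uint256;

    error NotPool();
    error InsufficientCattyNip();

    address public immutable i_pool;
    address public immutable i_token;
    uint256 public totalCattyNip;
    uint256 public totalMeowllateralInVault;
    mapping(address => uint256) public userToCattyNip;

    constructor(address pool, address token) { i_pool = pool; i_token = token; }

    modifier onlyPool() {
        if (msg.sender != i_pool) revert NotPool();
        _;
    }

    // Simplification for this example (assumption): the vault's own balance
    // stands in for the protocol's total collateral figure.
    function getTotalMeowllateral() public view returns (uint256) {
        return totalMeowllateralInVault;
    }

    // nonReentrant makes any re-entry from the token's transfer hook revert.
    function executeWhiskdrawal(address _user, uint256 _cattyNipToWithdraw)
        external onlyPool nonReentrant
    {
        // Checks: the user must actually hold the shares being burned
        if (userToCattyNip[_user] < _cattyNipToWithdraw) revert InsufficientCattyNip();
        uint256 _ameownt = _cattyNipToWithdraw.mulDiv(getTotalMeowllateral(), totalCattyNip);
        // Effects: all accounting is settled before the external call
        userToCattyNip[_user] -= _cattyNipToWithdraw;
        totalCattyNip -= _cattyNipToWithdraw;
        totalMeowllateralInVault -= _ameownt;
        // Interaction: the token transfer is the last operation
        IERC20(i_token).safeTransfer(_user, _ameownt);
    }
}
```

Even if a caller re-enters through the token's transfer hook, the shares and collateral totals have already been reduced, so a second withdrawal sees the updated balances and the guard rejects the nested call outright.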

Updates

Lead Judging Commences

shikhar229169 Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement
