Tadle

DeFi
30,000 USDC
Submission Details
Severity: low
Invalid

Reentrancies due to not following CEI pattern

Vulnerability Details

In PreMarkets.sol the functions createOffer, createTaker, listOffer, closeOffer, relistOffer, abortAskOffer and abortBidTaker neither follow the Checks-Effects-Interactions (CEI) pattern nor carry a non-reentrant modifier. Take abortBidTaker as a case study:

```solidity
function abortBidTaker(address _stock, address _offer) external {
    // ...
    ITokenManager tokenManager = tadleFactory.getTokenManager();
    // @audit here we are making an external call involving token transfer
    tokenManager.addTokenBalance(
        TokenBalanceType.MakerRefund,
        _msgSender(),
        makerInfo.tokenAddress,
        transferAmount
    );
    // @audit we are changing state after a call that could reenter into this function or another function in the system.
    stockInfo.stockStatus = StockStatus.Finished;
    emit AbortBidTaker(_offer, _msgSender());
}
```

As indicated by the @audit tags above, most functions in the protocol have no protection against reentrancy.

Impact

Manipulation of protocol accounting, leading to loss of funds. Since the protocol supports any ERC20 token, an attacker could use an ERC777 token's transfer hooks to call back into these functions and corrupt their state.

Tools Used

Manual Review

Recommendations

Follow the CEI pattern, or simply apply the nonReentrant modifier from OpenZeppelin's ReentrancyGuard contract.
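The recommendation applied to the case study above, as an added example that is not Tadle's code: a stand-alone contract with a hypothetical StockInfo struct, ITokenManager interface and enums that only mirror the names used in the report, reordering abortBidTaker into checks, effects, interaction and adding nonReentrant (OpenZeppelin v5 import path assumed).

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Assumes OpenZeppelin v5 layout; in v4 the path is security/ReentrancyGuard.sol.
import {ReentrancyGuard} from "@openzeppelin/contracts/utils/ReentrancyGuard.sol";

// Hypothetical stand-ins for the types named in the report; not Tadle's definitions.
enum StockStatus { Initialized, Finished }
enum TokenBalanceType { MakerRefund }

interface ITokenManager {
    function addTokenBalance(TokenBalanceType _type, address _account, address _token, uint256 _amount) external;
}

contract PreMarketsCeiExample is ReentrancyGuard {
    struct StockInfo { address authority; StockStatus stockStatus; uint256 amount; }

    event AbortBidTaker(address indexed offer, address indexed authority);

    mapping(address => StockInfo) public stockInfoMap;
    ITokenManager public immutable tokenManager;
    address public immutable refundToken;

    constructor(ITokenManager _tokenManager, address _refundToken) {
        tokenManager = _tokenManager;
        refundToken = _refundToken;
    }

    // Hardened ordering: every state change happens before the external call,
    // and nonReentrant blocks a second entry into any guarded function.
    function abortBidTaker(address _stock, address _offer) external nonReentrant {
        StockInfo storage stockInfo = stockInfoMap[_stock];

        // Checks: only the stock's authority may abort, and only once.
        require(stockInfo.authority == msg.sender, "not authority");
        require(stockInfo.stockStatus == StockStatus.Initialized, "wrong status");
        uint256 transferAmount = stockInfo.amount;

        // Effects: flip the status first, so a re-entrant call fails the check above
        // even if the modifier were absent.
        stockInfo.stockStatus = StockStatus.Finished;
        emit AbortBidTaker(_offer, msg.sender);

        // Interaction: the external call is last, after all effects are recorded.
        tokenManager.addTokenBalance(TokenBalanceType.MakerRefund, msg.sender, refundToken, transferAmount);
    }
}
```

The same reordering applies to the other functions listed in the finding: record the status or balance change, emit the event, then make the token-manager call.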

Updates

Lead Judging Commences

0xnevi Lead Judge 9 months ago
Submission Judgement Published
Invalidated
Reason: Lack of quality
Assigned finding tags:

[invalid] finding-PreMarkets-reentrancy

Invalid, all [vague generalities](https://docs.codehawks.com/hawks-auditors/how-to-determine-a-finding-validity#vague-generalities) talking about possible reentrancies and afaik, reentrancy is not possible and not proven.
