Mystery Box
First Flight #25
Beginner FriendlyFoundry
100 EXP
View results
Previous Next
Submission Details
Severity: high
Invalid

The `openBox` function is in danger of Re-entrancy attack.

eth0x

Summary

A reentrancy attack is a type of vulnerability in smart contracts where an attacker can repeatedly call a function before the previous execution is complete, potentially draining funds from the contract.

Vulnerability Details

Order of command operation in function is wrong.

First new value is push to list and after that is reduction user's balance by 1.

Impact

is possible to send new value to list without reduction a box count.

Tools Used

Foundry

Recommendations

Use the checks-effects-interactions pattern:

First, check conditions, then update the state, and finally interact with other contracts.
Implement reentrancy guards: Use a mutex or a similar mechanism to prevent reentrant calls4.

This line of the code should be before if statmend:

boxesOwned[msg.sender] -= 1;
if()

POC

pragma solidity ^0.8.0;
import "./MysteryBox.sol";
contract Attack {
MysteryBox public mysteryBox;
constructor(address _mysteryBox) {
mysteryBox = MysteryBox(__mysteryBox);
}
// Fallback function to receive rewards
fallback() external payable {
if (mysteryBox.boxesOwned(address(this)) > 0) {
mysteryBox.openBox();
}
}
function attack() public {
mysteryBox.openBox();
}
}
Updates

Appeal created

inallhonesty Lead Judge about 1 year ago
Submission Judgement Published
Invalidated
Reason: Lack of quality

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!