Submission Details
Severity:
claimAllRewards() and claimSingleReward() have reentrancy attack
Summary
Malicious attacker can steal all funds in claimAllRewards(), claimSingleReward() by reentrancy attack
Vulnerability Details
An attacker can re-enter the contract by these functions. They can call claimAllRewards ,claimSingleReward several times before the balance is updated.
Impact
Attacker can perform a reentrancy attack and claim rewards while the balance exists.
Tools Used
Manual review
Recommendations
function claimAllRewards() public nonReentrant {
uint256 totalValue = 0;
for (uint256 i = 0; i < rewardsOwned[msg.sender].length; i++) {
totalValue += rewardsOwned[msg.sender][i].value;
}
require(totalValue > 0, "No rewards to claim");
delete rewardsOwned[msg.sender];
(bool success,) = payable(msg.sender).call{value: totalValue}("");
require(success, "Transfer failed");
}
function claimSingleReward(uint256 _index) public {
require(_index <= rewardsOwned[msg.sender].length, "Invalid index");
uint256 value = rewardsOwned[msg.sender][_index].value;
require(value > 0, "No reward to claim");
delete rewardsOwned[msg.sender][_index];
(bool success,) = payable(msg.sender).call{value: value}("");
require(success, "Transfer failed");
}
Updates
Appeal created
inallhonesty 8 months ago
Submission Judgement Published Assigned finding tags:
`claimAllRewards` reentrancy
`claimSingleReward` reentrancy
Rewards breakdown
nSLOC
86This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.