Description
The MysteryBox contract is designed to allow users to purchase and open mystery boxes that contain random rewards, creating an exciting experience for users. However, the claimAllRewards() function in the MysteryBox.sol contract uses the .call method to transfer funds, which can expose the contract to reentrancy attacks. A malicious user could exploit this by recursively calling the claimAllRewards() function before the state is properly updated, potentially draining funds from the contract.
Other similar functions that could be affected by reentrancy vulnerabilities are:
transferReward
claimSingleReward
openBox
Impact
Failure to implement the Checks-Effects-Interactions (CEI) pattern in the claimAllRewards() function makes the contract susceptible to reentrancy attacks. This vulnerability could allow an attacker to repeatedly claim rewards without limit, leading to the depletion of the contract's balance and resulting in significant financial losses.
Recommendation
To mitigate the risk of reentrancy, apply the CEI pattern by updating the contract state before making external calls (such as sending ETH). Specifically, move the delete rewardsOwned[msg.sender]; line before the .call so that the state is updated before any external interaction takes place.
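The following contract is an added illustration of the recommended fix and is not the audited MysteryBox.sol. It places the ordering the finding describes (delete after .call) next to the CEI ordering (delete before .call). The Reward struct, the shape of the rewardsOwned mapping, the loop that sums reward values and the nonReentrant modifier are assumptions made for this example; only claimAllRewards(), rewardsOwned[msg.sender] and the use of .call come from the finding itself.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added example for the finding above; not the project's own code.
// Assumed: Reward struct, rewardsOwned as address => Reward[], and the
// summing loop. Only claimAllRewards(), rewardsOwned[msg.sender] and
// the .call transfer are taken from the finding.
contract MysteryBoxCEIExample {
    struct Reward {
        string name;
        uint256 value; // payout in wei (assumed)
    }

    mapping(address => Reward[]) public rewardsOwned;

    // Simple mutex used as defence in depth on top of CEI (assumed helper).
    bool private locked;
    modifier nonReentrant() {
        require(!locked, "Reentrant call");
        locked = true;
        _;
        locked = false;
    }

    // BEFORE (the ordering the finding describes): the ETH transfer happens
    // while rewardsOwned[msg.sender] is still populated, so a caller that is
    // re-entered during .call still sees its full reward balance.
    function claimAllRewardsBefore() public {
        Reward[] storage rewards = rewardsOwned[msg.sender];
        uint256 totalValue = 0;
        for (uint256 i = 0; i < rewards.length; i++) {
            totalValue += rewards[i].value;
        }
        require(totalValue > 0, "No rewards to claim");

        // Interaction before effect: this is the defect.
        (bool success, ) = payable(msg.sender).call{value: totalValue}("");
        require(success, "Transfer failed");

        delete rewardsOwned[msg.sender]; // effect happens too late
    }

    // AFTER (CEI): Checks, then Effects, then Interactions.
    function claimAllRewards() public nonReentrant {
        // Checks: compute the payout from current state.
        Reward[] storage rewards = rewardsOwned[msg.sender];
        uint256 totalValue = 0;
        for (uint256 i = 0; i < rewards.length; i++) {
            totalValue += rewards[i].value;
        }
        require(totalValue > 0, "No rewards to claim");

        // Effects: clear the caller's rewards BEFORE any external call, so a
        // nested call into this function finds nothing left to claim.
        delete rewardsOwned[msg.sender];

        // Interactions: only now send ETH to the caller.
        (bool success, ) = payable(msg.sender).call{value: totalValue}("");
        require(success, "Transfer failed");
    }

    // Test helper (assumed): lets a deployer seed rewards for an address.
    function grantReward(address to, string calldata name, uint256 value) external {
        rewardsOwned[to].push(Reward(name, value));
    }

    // Accept ETH so the contract can fund payouts.
    receive() external payable {}
}
```

The same reordering applies to transferReward, claimSingleReward and openBox: whatever state the function relies on (a reward entry, a box count, a balance) is written or deleted before the .call, and the external transfer is the last statement. The nonReentrant mutex is optional but cheap, and it catches any future function that forgets the ordering; it is not a substitute for CEI, since state read after the call would still be stale without the reordering.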