Flow

Sablier
FoundryDeFi
20,000 USDC
Submission Details
Severity: medium
Invalid

Batch Processing with Delegate Call Risks Allows Potential State Manipulation

Summary

The batch function in Batch.sol uses delegatecall to execute multiple calls in a single transaction, which could allow unintended state changes if arbitrary functions are executed through it. Without strict access control on what the batch may forward, this creates a risk of bypassing the safeguards each individual function enforces on its own.

Vulnerability Details

The batch function uses delegatecall within a loop, allowing multiple state-altering functions to be called:

    // Each element of `data` is forwarded to this contract via delegatecall,
    // so every call runs in the same storage context as a direct call would.
    function batch(bytes[] memory data) external payable {
        for (uint256 i = 0; i < data.length; i++) {
            // As quoted here, the `success` flag is read but never checked.
            (bool success, ) = address(this).delegatecall(data[i]);
        }
    }

An attacker could exploit this by calling both deposit and withdraw in a single batch, potentially bypassing function-specific checks that assume the calls arrive in separate transactions.

Impact

Exploiting batch processing could lead to:

  1. Double-spending or bypassing individual function controls.

  2. Manipulation of balances, causing financial discrepancies.

Tools Used

Manual code review

Recommendations

Restrict batch calls to a whitelist of approved function selectors, or add granular access control checks inside the batch loop, so that arbitrary calldata cannot be executed through the delegatecall.
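The following contract is an added illustration of that recommendation; it is not Sablier's Batch.sol and the deposit/withdraw functions, the AllowlistedBatch name and the owner-managed allowlist are all assumptions made for the example. The batch loop reads the 4-byte selector from each calldata entry, refuses anything not on the allowlist, and bubbles up a failed delegatecall instead of discarding its result:

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Hypothetical contract (not Sablier code) showing a selector-allowlisted batch.
contract AllowlistedBatch {
    address public immutable owner;
    mapping(bytes4 => bool) public allowedSelector;
    mapping(address => uint256) public balances;

    error Unauthorized();
    error SelectorNotAllowed(bytes4 selector);
    error BatchCallFailed(uint256 index, bytes result);

    constructor() {
        owner = msg.sender;
        // Only these two functions may ever be reached through batch().
        allowedSelector[this.deposit.selector] = true;
        allowedSelector[this.withdraw.selector] = true;
    }

    /// Owner can extend or shrink the allowlist; nothing else can.
    function setAllowed(bytes4 selector, bool allowed) external {
        if (msg.sender != owner) revert Unauthorized();
        allowedSelector[selector] = allowed;
    }

    function deposit() public payable {
        balances[msg.sender] += msg.value;
    }

    function withdraw(uint256 amount) public {
        uint256 bal = balances[msg.sender];
        require(bal >= amount, "insufficient balance");
        balances[msg.sender] = bal - amount;
        (bool ok, ) = msg.sender.call{value: amount}("");
        require(ok, "transfer failed");
    }

    /// Deliberately NOT payable: delegatecall preserves msg.value, so a payable
    /// batch that reaches a payable deposit() would credit the same value once
    /// per call in the loop.
    function batch(bytes[] calldata calls) external {
        for (uint256 i = 0; i < calls.length; ++i) {
            bytes calldata data = calls[i];
            // Reject calldata too short to even carry a selector.
            if (data.length < 4) revert SelectorNotAllowed(bytes4(0));
            bytes4 sel = bytes4(data[:4]);
            if (!allowedSelector[sel]) revert SelectorNotAllowed(sel);
            // Same storage context as a direct call, but a failure now reverts
            // the whole batch instead of being silently ignored.
            (bool success, bytes memory result) = address(this).delegatecall(data);
            if (!success) revert BatchCallFailed(i, result);
        }
    }
}
```

Two design points matter here: the allowlist is keyed on the selector, so a later upgrade that adds a privileged function does not become batch-reachable by accident, and the loop reverts on the first failed call, which keeps a partially applied batch from leaving balances in an inconsistent state.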

Updates

Lead Judging Commences

inallhonesty Lead Judge 10 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
