Consider introducing checks for `msg.sender` to ensure the recipient of the money is as intended.
The function could be vulnerable to reentrancy attacks, where an external contract could call `withdraw` recursively before the `balanceOf[msg.sender] -= wad;` line completes, allowing the attacker to withdraw more than intended. If the balance of `msg.sender` is less than `wad`, the subtraction `balanceOf[msg.sender] -= wad;` could underflow, setting the balance to a very high number (if using Solidity <0.8.0), and the version is `pragma solidity >=0.4.22 <0.6;`.
Requiring `msg.sender` to match the recipient makes it explicit who can withdraw funds, ensuring that funds will only be transferred to the address initiating the request. This is beneficial for multi-user contracts or financial applications where maintaining a clear transfer trail is important.
manual
The balance is updated before the transfer call, preventing reentrancy. `msg.sender.call{value: wad}("")` is used, which is flexible with gas allocation but controlled to avoid unexpected behavior.
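As an added illustration (not the audited contract's code), here is a WETH-style `withdraw` written in the checks-effects-interactions order described above, with an explicit balance check and a simple reentrancy guard. The contract name `SafeWrapper`, the event, and the `^0.8.20` pragma are assumptions: the `{value: wad}` call syntax requires Solidity 0.6.2 or later, so the example cannot use the `>=0.4.22 <0.6` range, and on 0.8.x the subtraction is also checked arithmetic.

```solidity
// SPDX-License-Identifier: MIT
// Added example, not the contest contract. Assumes a WETH-style wrapper with a
// public balanceOf mapping and withdraw(uint wad); names here are hypothetical.
pragma solidity ^0.8.20;

contract SafeWrapper {
    mapping(address => uint256) public balanceOf;
    bool private locked; // minimal mutex, belt-and-braces on top of CEI

    event Withdrawal(address indexed src, uint256 wad);

    modifier nonReentrant() {
        require(!locked, "reentrant call");
        locked = true;
        _;
        locked = false;
    }

    receive() external payable {
        balanceOf[msg.sender] += msg.value;
    }

    // Unsafe ordering the finding warns about (do NOT use):
    //   (bool ok, ) = msg.sender.call{value: wad}("");   // interaction first
    //   balanceOf[msg.sender] -= wad;                    // effect afterwards
    // A fallback that re-enters withdraw() still sees the old balance, and on
    // Solidity <0.8.0 a missing balance check lets the subtraction wrap around.

    function withdraw(uint256 wad) external nonReentrant {
        // Check: explicit guard rather than relying on 0.8 checked arithmetic;
        // the recipient is msg.sender, so the caller can only drain its own balance.
        require(balanceOf[msg.sender] >= wad, "insufficient balance");

        // Effect: debit before any external call, so a re-entrant call
        // sees the reduced balance and fails the check above.
        balanceOf[msg.sender] -= wad;

        // Interaction: pay msg.sender only; forwarding all gas is acceptable
        // because contract state is already final.
        (bool ok, ) = msg.sender.call{value: wad}("");
        require(ok, "ETH transfer failed");

        emit Withdrawal(msg.sender, wad);
    }
}
```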