Issue: The joinDAO function in MembershipFactory makes multiple external calls to ERC20 token contracts for fund transfers, which increases the risk of reentrancy. The function transfers the platform fee and the tier price, then calls mint on an ERC1155 contract, which may indirectly invoke untrusted code and open a reentrancy path.

Impact: A reentrancy vulnerability could allow an attacker to drain funds by re-entering the function before its state updates are completed. Because joinDAO performs multiple external token transfers, it could be exploited through reentrancy to mint tokens without transferring the required funds.

MembershipFactory.sol:

POC: An attacker could re-enter joinDAO using a custom ERC20 token whose transferFrom function calls joinDAO recursively, allowing unlimited minting without paying fees.

Add a reentrancy guard to joinDAO.

Tool used: VSC, Github

Recommendation: Implement a reentrancy guard using the nonReentrant modifier from OpenZeppelin's ReentrancyGuard library, and ensure that all state updates are performed before any external call is made.
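The following is an added illustration of the recommendation, not the project's own MembershipFactory code: a simplified, hypothetical stand-in for joinDAO that applies both fixes, the nonReentrant modifier and the checks-effects-interactions ordering. The DAOConfig struct, the storage names, the fee and price handling and the ERC1155 mint signature are all assumptions made for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// OpenZeppelin 5.x path; in 4.x the guard lives at security/ReentrancyGuard.sol
import "@openzeppelin/contracts/utils/ReentrancyGuard.sol";
import "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import "@openzeppelin/contracts/token/ERC20/utils/SafeERC20.sol";

// Assumed mint signature of the membership ERC1155 (not the project's actual interface)
interface IMembershipERC1155 {
    function mint(address to, uint256 tierId, uint256 amount) external;
}

/// Hypothetical, simplified stand-in for MembershipFactory.joinDAO that shows the
/// recommended hardening. Storage layout and tier bookkeeping are assumptions.
contract HardenedMembershipFactory is ReentrancyGuard {
    using SafeERC20 for IERC20;

    struct DAOConfig {
        IERC20 currency;               // ERC20 the DAO accepts for membership
        IMembershipERC1155 membership; // ERC1155 that represents the membership
        address platformFeeRecipient;
        uint256 platformFee;
        uint256[] tierPrices;          // price per tier, indexed by tierId
        uint256[] tierCapacity;        // remaining seats per tier
    }

    mapping(address => DAOConfig) internal daos;
    mapping(address => mapping(address => bool)) public isMember;

    // nonReentrant makes any nested call into joinDAO revert, even if the
    // token's transferFrom or the ERC1155's mint hands control to untrusted code.
    function joinDAO(address dao, uint256 tierId) external nonReentrant {
        DAOConfig storage cfg = daos[dao];

        // --- Checks ---
        require(address(cfg.currency) != address(0), "unknown DAO");
        require(tierId < cfg.tierPrices.length, "bad tier");
        require(cfg.tierCapacity[tierId] > 0, "tier full");
        require(!isMember[dao][msg.sender], "already a member");

        // --- Effects: every state update is committed before any external call,
        // so even without the guard a re-entering caller would fail the checks ---
        cfg.tierCapacity[tierId] -= 1;
        isMember[dao][msg.sender] = true;

        // --- Interactions: all external calls come last ---
        // safeTransferFrom reverts on a false return value, so a token that
        // silently fails cannot produce a membership that was never paid for.
        cfg.currency.safeTransferFrom(msg.sender, cfg.platformFeeRecipient, cfg.platformFee);
        cfg.currency.safeTransferFrom(msg.sender, dao, cfg.tierPrices[tierId]);
        cfg.membership.mint(msg.sender, tierId, 1);
    }
}
```

The two mitigations are deliberately layered: the guard stops the recursive call described in the POC outright, while the effects-before-interactions ordering means that if the guard were ever removed or bypassed, a re-entered call would still hit the "already a member" or "tier full" check rather than receive a second mint. A unit test for this pattern would deploy a mock ERC20 whose transferFrom attempts to call joinDAO again and assert that the outer call reverts with the ReentrancyGuard error.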