The claimAndSwap
function in all protocol's implementations (StrategyOp.sol, StrategyMainnet.sol, StrategyArb.sol)
is vulnerable to reentrancy attacks due to multiple calls without proper protection, allowing a keeper to perform multiple claims and swaps in transactions.
The function makes three sequential external calls without reentrancy protection:
A malicious keeper could:
Call claimAndSwap
with initial amount
Execute multiple claims before state updates
The reentrancy vulnerability in claimAndSwap
creates a severe risk to the protocol's assets and operations. A malicious keeper can exploit the unprotected external calls to execute multiple unauthorized claims and swaps within a single transaction, leading to direct fund losses. This vulnerability affects all three strategy implementations , putting the entire protocol's TVL at risk.
Manual code review.
Implement OpenZeppelin's ReentrancyGuard
The contest is live. Earn rewards by submitting a finding.
This is your time to appeal against judgements on your submissions.
Appeals are being carefully reviewed by our judges.