In contracts/src/AaveDIVAWrapper.sol#23#85#102#1991
LINE NUMBER 23 CODE:
LINE NUMBER 85 CODE:
LINE NUMBER 102 CODE:
LINE NUMBER 1991 CODE:
The vulnerability arises from the order of modifiers applied to the registerCollateralToken and claimYield functions. In Solidity, the order of modifiers can affect the execution flow and security of a function. The nonReentrant modifier is designed to prevent reentrancy attacks by ensuring that a function cannot be called again until it has completed its execution. However, if the nonReentrant modifier is not the first modifier applied, there is a risk that other modifiers, such as onlyOwner, could execute code that might inadvertently allow reentrancy vulnerabilities to be exploited before the nonReentrant check is enforced. To mitigate this risk, the nonReentrant modifier should be placed before all other modifiers to ensure that the reentrancy protection is applied as early as possible in the function execution.
To resolve the issue, reorder the modifiers in the registerCollateralToken and claimYield functions so that the nonReentrant modifier is applied before the onlyOwner modifier. This ensures that the reentrancy protection is enforced at the earliest point in the function execution. Here is the recommended change:

By making this change, you ensure that the nonReentrant protection is applied before any other logic, reducing the risk of reentrancy vulnerabilities.
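
The ordering effect described above, as an added example that is not code from AaveDIVAWrapper.sol or from the original submission. It assumes an access-check modifier that makes an external call, which is the case where modifier order changes behaviour; the contract, interface, modifier and function names are all hypothetical, and the guard is a minimal stand-in written for this illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Hypothetical external access checker (assumption, not part of the audited code).
interface IAuthority {
    function canCall(address caller) external returns (bool);
}

contract ModifierOrderDemo {
    IAuthority public immutable authority;
    bool private _entered;        // minimal reentrancy lock for this illustration
    uint256 public registrations; // state changed by the guarded functions

    constructor(IAuthority authority_) {
        authority = authority_;
    }

    modifier nonReentrant() {
        require(!_entered, "reentrant call");
        _entered = true;
        _;
        _entered = false;
    }

    // Unlike a check that only compares msg.sender with a stored owner,
    // this modifier hands control to another contract before the body runs.
    modifier onlyAuthorized() {
        require(authority.canCall(msg.sender), "not authorized");
        _;
    }

    // Modifiers run left to right. The external call in onlyAuthorized happens
    // while the lock is still clear, so a call back into this contract made
    // from inside canCall() is not stopped by nonReentrant.
    function registerGuardLast() external onlyAuthorized nonReentrant {
        registrations += 1;
    }

    // The lock is set before the external call, so any call back into a
    // nonReentrant function from inside canCall() reverts with "reentrant call".
    function registerGuardFirst() external nonReentrant onlyAuthorized {
        registrations += 1;
    }
}
```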