DatingDapp

First Flight #33
Beginner Friendly, Foundry, Solidity, NFT
100 EXP
Submission Details
Severity: low
Invalid

Double Spending/Loss of Funds

Summary

The contract does not prevent the same transaction from being executed multiple times. If txn.executed is not set correctly (e.g., due to a bug or reentrancy), a transaction could be executed more than once.

Code

function executeTransaction(uint256 _txId) external onlyOwners {
    require(_txId < transactions.length, "Invalid transaction ID");
    Transaction storage txn = transactions[_txId];
    require(!txn.executed, "Transaction already executed");
    require(txn.approvedByOwner1 && txn.approvedByOwner2, "Not enough approvals");
    txn.executed = true;
    (bool success,) = payable(txn.to).call{value: txn.value}("");
    require(success, "Transaction failed");
    emit TransactionExecuted(_txId, txn.to, txn.value);
}

Vulnerability Details

Example Scenario:

Imagine the multi-sig wallet has 10 ETH. There are two approved transactions:

Transaction 1: Send 1 ETH to Alice
Transaction 2: Send 2 ETH to Bob

The malicious contract is at Alice's address.

executeTransaction(1) is called.
1 ETH is sent to Alice (the malicious contract).
Alice's contract's fallback function is triggered.
The fallback function calls executeTransaction(2).
executeTransaction(2) passes the checks because txn.executed for transaction 2 is still false.
2 ETH is sent to Bob.
The fallback function of Bob's contract (which could also be controlled by the attacker) is triggered, and it can call executeTransaction again.
This can repeat until the multi-sig wallet is drained (or until no more approved transactions exist).

Impact

Funds could be drained if a transaction is executed multiple times.

Tools Used

Manual analysis

Recommendations

Ensure txn.executed is set to true before making the external call in executeTransaction.

Updates

Appeal created

n0kto Lead Judge 6 months ago
Submission Judgement Published
Invalidated
Reason: Non-acceptable severity
Assigned finding tags:

Suppositions

You have to point to a real root cause leading to a bug. "If, may, could, unexpected behavior, incoherent" are not describing a real concrete bug. Please read the CodeHawks documentation to know which submissions are valid. If you disagree, provide a coded PoC and explain the real likelihood and the detailed impact on the mainnet without any supposition (if, it could, etc) to prove your point.
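
The judge's comment asks for a coded check. The Python model below is an added example, not part of the submission or the DatingDapp code base: it replays the executeTransaction logic shown under Code against a recipient that calls back into the wallet while being paid, and reports how often each approved transaction pays out. The Wallet, Recipient and scenario names, the owner check standing in for onlyOwners, and the 0-based transaction ids are assumptions.

```python
class Revert(Exception):
    """Models a Solidity revert."""

class Wallet:
    def __init__(self, balance, owners):
        self.balance, self.owners, self.txs = balance, set(owners), []

    def add_approved(self, to, value):
        # Stands in for submission plus both approvals (not shown on the page).
        self.txs.append({"to": to, "value": value, "executed": False})
        return len(self.txs) - 1

    def execute_transaction(self, sender, tx_id):
        if sender not in self.owners:          # onlyOwners, assumed behaviour
            raise Revert("Not an owner")
        if tx_id >= len(self.txs):
            raise Revert("Invalid transaction ID")
        txn = self.txs[tx_id]
        if txn["executed"]:
            raise Revert("Transaction already executed")
        saved = (self.balance, [t["executed"] for t in self.txs])
        txn["executed"] = True                 # effect before interaction
        try:
            if txn["value"] > self.balance:
                raise Revert("insufficient balance")
            self.balance -= txn["value"]
            txn["to"].on_receive(self)         # external call, may re-enter
        except Revert:
            # require(success) fails: undo every state change of this call.
            self.balance = saved[0]
            for t, flag in zip(self.txs, saved[1]):
                t["executed"] = flag
            raise Revert("Transaction failed")

class Recipient:
    def __init__(self, reenter_id=None):
        self.reenter_id, self.caught = reenter_id, []

    def on_receive(self, wallet):
        if self.reenter_id is None:
            return
        try:                                   # like try/catch in a fallback
            wallet.execute_transaction(self, self.reenter_id)
        except Revert as err:
            self.caught.append(str(err))

def scenario(reenter_id, recipient_is_owner):
    # Constructed input: 10 ETH wallet, tx 0 pays Alice 1, tx 1 pays Bob 2.
    alice, bob = Recipient(reenter_id), Recipient()
    extra = {alice} if recipient_is_owner else set()
    wallet = Wallet(10, {"owner1", "owner2"} | extra)
    wallet.add_approved(alice, 1); wallet.add_approved(bob, 2)
    wallet.execute_transaction("owner1", 0)
    return wallet.balance, [t["executed"] for t in wallet.txs], alice.caught
```

`scenario(0, True)` re-enters the transaction being executed, `scenario(1, True)` re-enters the other approved transaction, and `scenario(1, False)` does so from a recipient that is not an owner.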
