Core Contracts

Regnum Aurum Acquisition Corp
Hardhat, Real World Assets, NFT
77,280 USDC
Submission Details
Severity: High
Status: Invalid

Reentrancy in placeBid, NFTLiquidator.sol

Summary

In the placeBid function the refund to the previous highest bidder (an external call) is made before data.highestBid and data.highestBidder are updated, which violates the checks-effects-interactions pattern and opens a reentrancy window. An attacker who is the previous highest bidder could re-enter the function while the stored bid state is still stale, leading to potential fund loss.

Affected Code:

function placeBid(uint256 tokenId) external payable {
    TokenData storage data = tokenData[tokenId];
    if (block.timestamp >= data.auctionEndTime) revert AuctionHasEnded();
    uint256 minBidAmount = data.highestBid + (data.highestBid * minBidIncreasePercentage / 100);
    if (msg.value <= minBidAmount) revert BidTooLow(minBidAmount);
    if (data.highestBidder != address(0)) {
        // @audit external call (refund to the previous bidder) happens before the state update
        payable(data.highestBidder).transfer(data.highestBid);
    }
    // @audit state is updated only after the external call above
    data.highestBid = msg.value;
    data.highestBidder = msg.sender;
    emit BidPlaced(tokenId, msg.sender, msg.value);
}

Vulnerability Details

The function refunds the previous highest bidder with payable(data.highestBidder).transfer(data.highestBid) before writing the new values to data.highestBid and data.highestBidder, so control leaves the contract while the bid state is still stale. Note for practitioners: transfer forwards only a 2300 gas stipend to the recipient, which is not enough to re-enter placeBid on current EVM versions, so exploitability in the code as shown is limited; the ordering is still a checks-effects-interactions violation, and switching the refund to call{value: ...} without reordering would make the issue directly exploitable.

Impact

A malicious previous highest bidder that re-enters placeBid from its receive function would be refunded data.highestBid again on every re-entry, because the stored bid is not replaced until after the transfer. Repeated re-entry could force multiple refunds and drain the contract's ETH.

Tools Used

Manual review

Recommendations

Update the state variables before making the external call (checks-effects-interactions), move refunds to a pull-payment pattern so that outbid bidders withdraw their own funds, or add a nonReentrant modifier (e.g. OpenZeppelin's ReentrancyGuard) to placeBid.
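The following is an added example of the recommended fix, written for this report and not code from the NFTLiquidator project. It keeps the struct, error and event names used in the snippet above and applies checks-effects-interactions plus pull payments; the owner/startAuction setup, the pendingRefunds mapping and the withdrawRefund function are assumptions introduced to make the contract self-contained.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

// Added example (not project code): placeBid hardened with
// checks-effects-interactions and pull payments.
contract SafeAuction {
    struct TokenData {
        uint256 auctionEndTime;
        uint256 highestBid;
        address highestBidder;
    }

    error AuctionHasEnded();
    error BidTooLow(uint256 minBidAmount);
    error NotOwner();
    error NothingToWithdraw();
    error RefundFailed();

    event BidPlaced(uint256 indexed tokenId, address indexed bidder, uint256 amount);
    event RefundWithdrawn(address indexed bidder, uint256 amount);

    address public immutable owner;
    uint256 public minBidIncreasePercentage = 5; // assumed value for the example
    mapping(uint256 => TokenData) public tokenData;
    // Refunds owed to outbid bidders; paid only when the bidder calls withdrawRefund.
    mapping(address => uint256) public pendingRefunds;

    constructor() {
        owner = msg.sender;
    }

    // Assumed helper so the example can be exercised end to end.
    function startAuction(uint256 tokenId, uint256 duration) external {
        if (msg.sender != owner) revert NotOwner();
        tokenData[tokenId].auctionEndTime = block.timestamp + duration;
    }

    function placeBid(uint256 tokenId) external payable {
        TokenData storage data = tokenData[tokenId];

        // Checks
        if (block.timestamp >= data.auctionEndTime) revert AuctionHasEnded();
        uint256 minBidAmount = data.highestBid + (data.highestBid * minBidIncreasePercentage / 100);
        if (msg.value <= minBidAmount) revert BidTooLow(minBidAmount);

        // Effects: record the new bid and the outbid bidder's refund before any interaction.
        address previousBidder = data.highestBidder;
        uint256 previousBid = data.highestBid;
        data.highestBid = msg.value;
        data.highestBidder = msg.sender;
        if (previousBidder != address(0)) {
            // Accumulate rather than overwrite: a bidder can be outbid several
            // times before withdrawing.
            pendingRefunds[previousBidder] += previousBid;
        }
        emit BidPlaced(tokenId, msg.sender, msg.value);

        // Interactions: none. No ETH leaves the contract here, so a previous
        // bidder whose receive() reverts cannot block new bids either.
    }

    function withdrawRefund() external {
        uint256 amount = pendingRefunds[msg.sender];
        if (amount == 0) revert NothingToWithdraw();

        // Effect before interaction: zero the balance first so a re-entrant
        // call into withdrawRefund finds nothing left to withdraw.
        pendingRefunds[msg.sender] = 0;

        (bool ok, ) = payable(msg.sender).call{value: amount}("");
        if (!ok) revert RefundFailed();
        emit RefundWithdrawn(msg.sender, amount);
    }
}
```

With refunds pulled rather than pushed, placeBid makes no external call at all, and withdrawRefund clears the caller's balance before sending, so re-entering it yields nothing. A nonReentrant modifier on withdrawRefund is a reasonable extra layer but is not what makes the code safe; the ordering is.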

Updates

Lead Judging Commences

inallhonesty Lead Judge 4 months ago
Submission Judgement Published
Invalidated
Reason: Out of scope
