Submission Details
Severity:
Wrong implementation of `nonReentrant` modifier in `InheritanceManager` contract.
Description
The `nonReentrant` modifier should use to protect against reentrancy attack, But the implementation of `nonReentrant` modifier in `InheritanceManager` contract is wrong implementation.
```javascript
modifier nonReentrant() {
assembly {
@> if tload(1) { revert(0, 0) }
tstore(0, 1)
}
_;
assembly {
tstore(0, 0)
}
}
```
As per solidity doccumentation `https://soliditylang.org/blog/2024/01/26/transient-storage/` th `nonReentrant` modifier is diffrent from the implementaion.
Impact
The contract will open vulnerability which will lead to potential reentrancy attack.
Proof of Concept
See the `https://soliditylang.org/blog/2024/01/26/transient-storage/` doccument for more information.
Recommended Mitigation
Follow the `https://soliditylang.org/blog/2024/01/26/transient-storage/` doccumentaion to implement `nonReenrant` modifier or add this to the contract.
```diff
modifier nonReentrant() {
assembly {
+ if tload(0) { revert(0, 0) }
- if tload(1) { revert(0, 0) }
tstore(0, 1)
}
_;
assembly {
tstore(0, 0)
}
}
```
Updates
Lead Judging Commences
0xtimefliez 3 months ago
Submission Judgement Published Assigned finding tags:
Wrong value in nonReentrant modifier
Rewards breakdown
nSLOC
211This contest has a flat reward structure with the following payouts:
100 EXP
20 EXP
2 EXP
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.