Incorrect Implementation of Transient Reentrancy Guard
Summary
The nonReentrant modifier in InheritanceManager implementation of Transient Storage Reentrancy Guard contains an implementation error leading to ineffective reentrancy protection.
Vulnerability Details
In nonReentrant modifier there is a mismatch between the storage slots being checked and modified, the code checks slot 1 but sets slot 0, making the reentrancy protection ineffective.
Impact
The severity of the security vulnerability described above is mitigated by the presence of the onlyOwner modifier on the affected functions because:
Limited attack vector - The functions protected by this modifier (
sendERC20,sendETH, andcontractInteractions) are also protected by theonlyOwnermodifier, meaning only the contract owner can call these functions.Trust Assumption - Since the owner is presumably trusted, the risk of a malicious reentrancy attack from the owner is less likely to happen.
However, there are still potential concerns:
Unintentional Reentrancy - Even a trusted owner could trigger reentrancy by making external calls to malicious contracts.
False Security - The contract claims to implement reentrancy protection, but it's ineffective, which could lead to false security assumptions.
Tools Used
Manual code review
Recommendations
Follow the proper implementation: https://soliditylang.org/blog/2024/01/26/transient-storage
Lead Judging Commences
Wrong value in nonReentrant modifier
Wrong value in nonReentrant modifier
Rewards breakdown
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.