The contribute function makes an external call to transfer funds and then modifies the status of the contract. Because of this, there is a chance that an attacker will repeatedly call contribute before the state update, which could result in them taking out more money than they had planned.
There is a potential for reentrancy attacks caused by the contribute function which allows external calls before updating the contract's state.
By repeatedly calling the contribute function before the state is updated, an attacker could take advantage of this and accumulate funds without authorization.
Update state before external calls.
To stop sensitive functions from being executed repeatedly at the same time, implement a reentrancy guard mechanism.
Reentrancy attacks occur when the contract modifies state and makes an external call, allowing the attacker to reenter. The `contribute` function doesn't perform an external call. For the SOL transfer, the function uses a system program, not an external call to another smart contract. Therefore, there is no attack vector for reentrancy.
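As an added illustration (not code from the contest or the audited program), here is a toy Rust model of the two recommended mitigations and of the judge's point: the outcome depends entirely on whether the callee of the transfer can call back into `contribute`. `Callee`, `SystemProgram`, `Reenterer`, `Contract` and `run` are all assumed names; the cap of 100 and contribution of 60 are constructed values.

```rust
use std::cell::Cell;

// Added toy model, not the audited program. `Callee` stands for whatever the SOL
// transfer invokes; a system program cannot call back, a re-entering callee is what the finding assumes.
trait Callee {
    fn on_transfer(&self, contract: &Contract, amount: u64);
}

/// System-program-like callee: moves funds, never re-enters the caller.
struct SystemProgram;
impl Callee for SystemProgram {
    fn on_transfer(&self, _c: &Contract, _amount: u64) {}
}

/// Hypothetical callee that re-enters `contribute` up to 3 times mid-call.
struct Reenterer { depth: Cell<u32> }
impl Callee for Reenterer {
    fn on_transfer(&self, c: &Contract, amount: u64) {
        if self.depth.get() < 3 {
            self.depth.set(self.depth.get() + 1);
            let _ = c.contribute(self, amount); // outer call has not written state yet
        }
    }
}

struct Contract {
    total: Cell<u64>,    // contribution state the finding says is updated too late
    cap: u64,            // invariant: total must never exceed cap
    locked: Cell<bool>,  // reentrancy guard flag
    effects_first: bool, // true = write state before the transfer (recommendation 1)
    guarded: bool,       // true = enforce the lock (recommendation 2)
}

impl Contract {
    fn contribute(&self, callee: &dyn Callee, amount: u64) -> Result<(), &'static str> {
        if self.guarded && self.locked.get() { return Err("reentrant call rejected"); }
        if self.total.get() + amount > self.cap { return Err("cap exceeded"); }
        self.locked.set(true);
        if self.effects_first { self.total.set(self.total.get() + amount); }
        callee.on_transfer(self, amount); // the transfer the finding calls an external call
        if !self.effects_first { self.total.set(self.total.get() + amount); }
        self.locked.set(false);
        Ok(())
    }
}

/// One contribution of 60 against a cap of 100; returns the final total.
fn run(effects_first: bool, guarded: bool, callee: &dyn Callee) -> u64 {
    let c = Contract { total: Cell::new(0), cap: 100, locked: Cell::new(false), effects_first, guarded };
    let _ = c.contribute(callee, 60);
    c.total.get()
}
```

With a re-entering callee and the external call before the state write, the cap is bypassed (total 240); writing state first or enforcing the lock holds it at 60, and with a non-re-entering callee the ordering makes no difference at all.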