Eggstravaganza
First Flight #37
Beginner FriendlySolidity
100 EXP
View results
Previous Next
Submission Details
Severity: high
Invalid

Reentrancy in endGame function (EggHuntGame.sol)

simranjitsinghss

Summary:

Hi,

I have found out a potential vulnerability in the smart contract EggHuntGame.sol which can leads to reentrancy in the function endGame.

Vulnerability Details:

The key details of the potential vulnerability can be given as follows:

In function endGame, the unsafe operation eggNFT.transferFrom above depositEgg leads to reentrancy as it doesn't check for the deposit balance of the user in the contract before sending the NFT reward to the user and attacker can exploit it by calling the function again and again results in extracting rewards from the vault.

function depositEggToVault(uint256 tokenId) external {
require(eggNFT.ownerOf(tokenId) == msg.sender, "Not owner of this egg");
// The player must first approve the transfer on the NFT contract.
@> eggNFT.transferFrom(msg.sender, address(eggVault), tokenId);
eggVault.depositEgg(tokenId, msg.sender);
}

Impact:

The attacker can extract all the rewards from the game vault and leads to drainage of rewards by creating DoS situation.

Tools Used:

Manual review + VS Code

Recommendations:

Use Openzeppelin's ReentranncyGuard to prevent reentrancy attack.

Reference:

https://www.cyfrin.io/blog/what-is-a-reentrancy-attack-solidity-smart-contracts

Updates

Lead Judging Commences

m3dython Lead Judge 4 months ago
Submission Judgement Published
Invalidated
Reason: Incorrect statement

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.