Closed code423n4 closed 2 years ago
tensors
It is best to transfer tokens to the user after all smart contract logic has been done to avoid any possible reentrancies. See, https://fravoll.github.io/solidity-patterns/checks_effects_interactions.html for examples.
https://github.com/code-423n4/2021-09-defiProtocol/blob/52b74824c42acbcd64248f68c40128fe3a82caf6/contracts/contracts/Auction.sol#L85-L87
Rewrite the code so that transfers to the user happen last.
Duplicate of #97
GalloDaSballo
commented
2 years ago GalloDaSballo
commented
2 years ago
Handle
tensors
Vulnerability details
Impact
It is best to transfer tokens to the user after all smart contract logic has been done to avoid any possible reentrancies. See, https://fravoll.github.io/solidity-patterns/checks_effects_interactions.html for examples.
Proof of Concept
https://github.com/code-423n4/2021-09-defiProtocol/blob/52b74824c42acbcd64248f68c40128fe3a82caf6/contracts/contracts/Auction.sol#L85-L87
Recommended Mitigation Steps
Rewrite the code so that transfers to the user happen last.