I strongly recommend adding a nonreentrant modifier on the functions within VaultHelper.sol
The contract makes a bunch of unsafe external calls to the user submitted addresses _vault and _gauge.
Also, add some checks to make sure _vault and _gauge are actually protocol vaults and gauges. Otherwise,
contract execution is given over to potentially malicious contracts.
Handle
tensors
Vulnerability details
Impact
I strongly recommend adding a nonreentrant modifier on the functions within VaultHelper.sol The contract makes a bunch of unsafe external calls to the user submitted addresses _vault and _gauge. Also, add some checks to make sure _vault and _gauge are actually protocol vaults and gauges. Otherwise, contract execution is given over to potentially malicious contracts.
An ounce of prevention is worth a pound of cure.
Proof of Concept
https://github.com/code-423n4/2021-09-yaxis/blob/main/contracts/v3/VaultHelper.sol
Recommended Mitigation Steps
Add a nonreentrant modifier throughout the file.