code-423n4 / 2022-02-concur-findings


Potential reentrance in `claimRewards` #269

Closed CloudEllie closed 2 years ago

CloudEllie commented 2 years ago

Judge @GalloDaSballo has assessed the 1st item in QA Report #36 as Medium risk. The relevant finding follows:

POC

https://github.com/code-423n4/2022-02-concur/blob/main/contracts/ConcurRewardPool.sol#L37-L38

            IERC20(_tokens[i]).safeTransfer(msg.sender, getting);
            reward[msg.sender][_tokens[i]] = 0;

Considering there are external tokens, it is possible that some token will provide reentry opportunities.

Mitigation

Change the order of L37 and L38:

            reward[msg.sender][_tokens[i]] = 0;
            IERC20(_tokens[i]).safeTransfer(msg.sender, getting);
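
As an added illustration, not code from the Concur repository: a small Python model of the `claimRewards` loop quoted above, run once in the original order (transfer, then zero the reward) and once with the two lines swapped (checks-effects-interactions). The token is a constructed one whose transfer hook calls back into the pool; the names `RewardPool`, `ReentrantToken`, `simulate` and the balances are hypothetical.

```python
class ReentrantToken:
    """Constructed token whose transfer re-enters the pool once (an ERC777-style hook)."""

    def __init__(self):
        self.balances = {}   # holder -> balance
        self.pool = None     # set after the pool exists
        self.depth = 0       # limits the re-entry to a single nested call

    def safe_transfer(self, sender, to, amount):
        self.balances[sender] = self.balances.get(sender, 0) - amount
        self.balances[to] = self.balances.get(to, 0) + amount
        # Re-enter claim_rewards while the outer claim is still running.
        if self.pool is not None and self.depth < 1:
            self.depth += 1
            self.pool.claim_rewards(to, [self])
            self.depth -= 1


class RewardPool:
    """Model of the reward loop: cei=False is the original order, cei=True the fix."""

    def __init__(self, cei):
        self.cei = cei
        self.reward = {}     # (user, token) -> claimable amount

    def notify(self, user, token, amount):
        self.reward[(user, token)] = self.reward.get((user, token), 0) + amount
        token.balances[self] = token.balances.get(self, 0) + amount  # pool is funded

    def claim_rewards(self, msg_sender, tokens):
        for token in tokens:
            getting = self.reward.get((msg_sender, token), 0)
            if self.cei:
                self.reward[(msg_sender, token)] = 0            # effect first ...
                token.safe_transfer(self, msg_sender, getting)  # ... then interaction
            else:
                token.safe_transfer(self, msg_sender, getting)  # interaction first ...
                self.reward[(msg_sender, token)] = 0            # ... effect too late


def simulate(cei):
    """Returns (attacker balance, pool balance) after one claim by the attacker."""
    token = ReentrantToken()
    pool = RewardPool(cei)
    token.pool = pool
    pool.notify("attacker", token, 100)  # constructed: two users, 100 each
    pool.notify("honest", token, 100)
    pool.claim_rewards("attacker", [token])
    return token.balances.get("attacker", 0), token.balances.get(pool, 0)
```

With the original order the nested claim still sees the unzeroed reward and the attacker receives the honest user's 100 as well; with the swapped order the nested claim finds zero and transfers nothing.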

CloudEllie commented 2 years ago

Duplicate of #86