search

code-423n4 / 2023-10-ethena-findings

5 stars 5 forks source link

Reentrancy opened for any contract that calls the withdraw function #694

Closed c4-submissions closed 11 months ago

c4-submissions commented 11 months ago

Lines of code

https://github.com/code-423n4/2023-10-ethena/blob/ee67d9b542642c9757a6b826c82d0cae60256509/contracts/USDeSilo.sol#L28

Vulnerability details

Impact

Reentrancy opened for any contract that calls the withdraw function in the stakedUSDeV2.sol which would drain of ether.

Proof of Concept

  function withdraw(address to, uint256 amount) external onlyStakingVault {
    USDE.transfer(to, amount);
  }

In this scenario, the attacker could attempt to drain the contract's balance before it can complete the intended transfer. Mitigating reentrancy risks often requires careful state management and the use of checks-effects-interactions patterns.

Tools Used

Pen and Paper

Recommended Mitigation Steps

Implement reentrancy guards, such as using the "checks-effects-interactions" pattern, to prevent reentrancy attacks.

Assessed type

Reentrancy

c4-pre-sort commented 11 months ago

raymondfam marked the issue as low quality report

c4-pre-sort commented 11 months ago

raymondfam marked the issue as duplicate of #194

c4-judge commented 11 months ago

fatherGoose1 marked the issue as unsatisfactory: Invalid