Reentrancy opened for any contract that calls the withdraw function in the stakedUSDeV2.sol which would drain of ether.
Proof of Concept
function withdraw(address to, uint256 amount) external onlyStakingVault {
USDE.transfer(to, amount);
}
In this scenario, the attacker could attempt to drain the contract's balance before it can complete the intended transfer. Mitigating reentrancy risks often requires careful state management and the use of checks-effects-interactions patterns.
Tools Used
Pen and Paper
Recommended Mitigation Steps
Implement reentrancy guards, such as using the "checks-effects-interactions" pattern, to prevent reentrancy attacks.
Lines of code
https://github.com/code-423n4/2023-10-ethena/blob/ee67d9b542642c9757a6b826c82d0cae60256509/contracts/USDeSilo.sol#L28
Vulnerability details
Impact
Reentrancy opened for any contract that calls the withdraw function in the stakedUSDeV2.sol which would drain of ether.
Proof of Concept
In this scenario, the attacker could attempt to drain the contract's balance before it can complete the intended transfer. Mitigating reentrancy risks often requires careful state management and the use of checks-effects-interactions patterns.
Tools Used
Pen and Paper
Recommended Mitigation Steps
Implement reentrancy guards, such as using the "checks-effects-interactions" pattern, to prevent reentrancy attacks.
Assessed type
Reentrancy