Closed c4-bot-10 closed 7 months ago
This is valid - duplicate of https://github.com/code-423n4/2024-01-opus-findings/issues/211.
bytes032 marked the issue as duplicate of #211
bytes032 marked the issue as sufficient quality report
alex-ppg marked the issue as satisfactory
Lines of code
https://github.com/code-423n4/2024-01-opus/blob/4720e9481a4fb20f4ab4140f9cc391a23ede3817/src/core/shrine.cairo#L1389
Vulnerability details
When a user calls abbot.withdraw() -> shrine.withdraw() -> shrine.withdraw_helper(), the main logic is in withdraw_helper().
Execution steps:
let new_trove_balance = trove_balance - amount;
self.charge(trove_id);
self.deposits.write((yang_id, trove_id), new_trove_balance);
However, self.charge() may execute pull_redistributed_debt_and_yangs() -> self.deposits.write(), retrieving redistributed yang. This retrieved redistributed yang will be overwritten by the temporary variable new_trove_balance in the third step. This part of the redistributed yang will be lost.
Impact
Redistributed yang will be lost.
Recommended Mitigation
Charge first.
Assessed type
Error
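The ordering problem described in this report can be reproduced in a small model. This is an added Python example, not code from the Opus repository or from the report's author; ShrineModel, pending, run and lost_yang are hypothetical names, and the balances are constructed values.

```python
# Simplified model of the write ordering in withdraw_helper().
# Assumption: integer balances and a single pending-redistribution map stand
# in for the real storage layout of the shrine contract.

class ShrineModel:
    def __init__(self, charge_first):
        self.charge_first = charge_first
        self.deposits = {}  # (yang_id, trove_id) -> deposited yang
        self.pending = {}   # (yang_id, trove_id) -> redistributed yang not yet pulled

    def charge(self, yang_id, trove_id):
        # Stand-in for charge() -> pull_redistributed_debt_and_yangs():
        # credits pending redistributed yang with a write to deposits.
        key = (yang_id, trove_id)
        pulled = self.pending.pop(key, 0)
        if pulled:
            self.deposits[key] = self.deposits.get(key, 0) + pulled

    def withdraw_helper(self, yang_id, trove_id, amount):
        key = (yang_id, trove_id)
        if self.charge_first:
            # Recommended order: charge, then read the balance.
            self.charge(yang_id, trove_id)
            new_trove_balance = self.deposits[key] - amount
        else:
            # Reported order: the new balance is computed before charge().
            new_trove_balance = self.deposits[key] - amount
            self.charge(yang_id, trove_id)
        if new_trove_balance < 0:
            raise ValueError("insufficient yang")
        # In the reported order this write discards what charge() credited.
        self.deposits[key] = new_trove_balance
        return new_trove_balance

def run(charge_first, deposit=100, redistributed=30, amount=40):
    """Final trove balance after one withdrawal (constructed inputs)."""
    shrine = ShrineModel(charge_first)
    shrine.deposits[(1, 7)] = deposit
    shrine.pending[(1, 7)] = redistributed
    return shrine.withdraw_helper(1, 7, amount)

def lost_yang(charge_first, deposit=100, redistributed=30, amount=40):
    """Yang missing from the trove relative to deposit + redistributed - amount."""
    expected = deposit + redistributed - amount
    return expected - run(charge_first, deposit, redistributed, amount)

if __name__ == "__main__":
    print("reported order loses:", lost_yang(False))
    print("charge-first order loses:", lost_yang(True))
```

The same conservation check (balance after equals balance before plus redistributed yang minus the withdrawn amount) works as a regression test for the fix.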