search

code-423n4 / 2024-06-renzo-mitigation-findings

0 stars 0 forks source link

H-3 MitigationConfirmed #42

Open c4-bot-8 opened 3 months ago

c4-bot-8 commented 3 months ago

Lines of code

Vulnerability details

Original Issue Summary

ETH withdrawals from EigenLayer require a reentrancy in receive(). However, the receive() function uses the nonReentrant modifier, which prevents the reentrancy and ultimately resulting in ETH withdrawals from EigenLayer failing.

Mitigation

This mitigation proposes the removal of the nonReentrant modifier:

-    receive() external payable nonReentrant {
+    receive() external payable {

Comments

This mitigation succesfully mitigates H-03, reentrancy is now possible again in the receive() function, which means that the EigenLayer ETH withdraws will succeed.

Suggestion

n/a

Conclusion

LGTM

liveactionllama commented 3 months ago

Minor label update for consistency across all MR-H-03 submissions.

c4-judge commented 3 months ago

alcueca marked the issue as satisfactory