
Possible Re-entrancy in _sendSherRewardsToOwner

2022-01-20 00:00:00
Code4rena
github.com

Handle

static

Vulnerability details

Impact

If the SHER token performs a callback on transfer (as ERC-777 tokens do), the _sendSherRewardsToOwner function can be re-entered and run multiple times, extracting more rewards than should be available for a single NFT.

Proof of Concept

The attacker stakes Sherlock for the minimum period and transfers the NFT to a contract with a fallback that calls ownerRestake when called. Once the period is up, they call ownerRestake from the contract (using the fallback), which triggers multiple further ownerRestake calls before returning. This causes the contract to call safeTransfer multiple times, giving them more reward than they are entitled to.

Tools Used

N/A

Recommended Mitigation Steps

Delete sherRewards_[_id] before transferring the SHER token to the user, so that a re-entrant call finds no pending reward to pay out.
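The ordering the mitigation asks for is the checks-effects-interactions pattern. The sketch below is an added illustration, not the Sherlock code: it shows a minimal reward payout with the defective ordering the finding describes, and the corrected ordering beside it. The names sherRewards_, _sendSherRewardsToOwner and the SHER token come from the finding; the IERC20 interface, the ownerOf_ mapping and the plain transfer call (in place of the project's safeTransfer) are simplifying assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Illustrative sketch only; not the Sherlock contract.
// Assumed minimal token interface (the project uses a SafeERC20-style safeTransfer).
interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
}

// Defective ordering: the external token call happens while sherRewards_[_id]
// is still set. If SHER hooks the recipient on transfer (ERC-777 style), the
// recipient can call back into the payout path and be paid the same balance again.
contract RewardPayoutVulnerable {
    IERC20 public immutable sher;
    mapping(uint256 => uint256) internal sherRewards_;  // pending SHER per NFT id
    mapping(uint256 => address) internal ownerOf_;      // assumed simplified NFT ownership

    constructor(IERC20 _sher) { sher = _sher; }

    function _sendSherRewardsToOwner(uint256 _id) internal {
        uint256 amount = sherRewards_[_id];
        require(amount != 0, "no rewards");
        // Interaction first: the callback can re-enter while the balance is still stored.
        require(sher.transfer(ownerOf_[_id], amount), "transfer failed");
        // Effect last: too late, a re-entrant call has already read the old balance.
        delete sherRewards_[_id];
    }
}

// Corrected ordering: zero the stored reward before the token call, so any
// re-entrant call hits the require(amount != 0) guard and reverts. A mutex
// (e.g. OpenZeppelin's nonReentrant modifier) is a reasonable second layer,
// but the ordering fix alone closes the issue described in the finding.
contract RewardPayoutFixed {
    IERC20 public immutable sher;
    mapping(uint256 => uint256) internal sherRewards_;
    mapping(uint256 => address) internal ownerOf_;

    constructor(IERC20 _sher) { sher = _sher; }

    function _sendSherRewardsToOwner(uint256 _id) internal {
        uint256 amount = sherRewards_[_id];
        require(amount != 0, "no rewards");
        // Effect first: the pending reward is cleared before any external call.
        delete sherRewards_[_id];
        // Interaction last: a callback that re-enters now finds sherRewards_[_id] == 0.
        require(sher.transfer(ownerOf_[_id], amount), "transfer failed");
    }
}
```

A quick way to check the fix in a test suite is to deploy a mock SHER token whose transfer calls back into the staking contract and assert that the second payout reverts with "no rewards" rather than paying out again.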

