static
If the SHER token performs a callback, such as in ERC-777 tokens, when performing transfers, the _sendSherRewardsToOwner function can be run multiple times to extract more rewards than should be available for a single NFT.
The attacker stakes Sherlock for the minimum period and transfers the NFT to a contract with a fallback that calls ownerRestake when called. Once the period is up, they call ownerRestake from the contract (using the fallback), which triggers multiple more ownerRestakes before returning. This causes the contract to call safeTransfer multiple times, giving them more reward than they're entitled to.
N/A
Delete the sherRewards_[_id] prior to transferring the SHER token to the user.
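The recommended ordering next to the one it replaces, as an added sketch that is not the Sherlock contract's own code. It assumes a plain ERC-20 style `transfer` in place of the `safeTransfer` wrapper named above; `RewardPayoutSketch`, `IToken`, `ownerOf_` and the `Unsafe` suffix are hypothetical names.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.10;

// Assumption: the reward token exposes an ERC-20 style transfer.
interface IToken {
    function transfer(address to, uint256 amount) external returns (bool);
}

// Simplified illustration: only the per-NFT reward bookkeeping is modelled.
contract RewardPayoutSketch {
    IToken public immutable sher;
    mapping(uint256 => uint256) internal sherRewards_; // NFT id => SHER owed
    mapping(uint256 => address) internal ownerOf_;     // hypothetical stand-in for NFT ownership

    constructor(IToken _sher) {
        sher = _sher;
    }

    // Ordering the recommendation implies for the reported code:
    // external call first, state update afterwards. If the token calls back
    // into the recipient during transfer, the recipient can re-enter while
    // sherRewards_[_id] still holds the full amount, so it is paid again.
    function _sendSherRewardsToOwnerUnsafe(uint256 _id) internal {
        uint256 amount = sherRewards_[_id];
        if (amount == 0) return;
        require(sher.transfer(ownerOf_[_id], amount), "transfer failed");
        delete sherRewards_[_id]; // cleared only after the callback window
    }

    // Recommended ordering (checks, effects, interactions):
    // the balance is cached and cleared before any external call, so a
    // re-entrant call reads zero and returns without paying anything.
    function _sendSherRewardsToOwner(uint256 _id) internal {
        uint256 amount = sherRewards_[_id];
        if (amount == 0) return;
        delete sherRewards_[_id];
        require(sher.transfer(ownerOf_[_id], amount), "transfer failed");
    }
}
```

If the transfer reverts in the second version, the whole transaction reverts and the deleted entry is restored, so clearing first does not lose rewards.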