Judge @GalloDaSballo has assessed the 2nd item in QA Report #230 as Medium risk. The relevant finding follows:
…
a user can claim a reward by calling the claimRewards(), however this function didnt follow the correct check effect pattern, where the zero address is set after making an external call, lets say the reward token is erc777 which will make an external during transfer, the user can reenter this function since this function didnt follow the check effect pattern and didnt have a noreentrant modifier, the user can claim token with reentrancy.
The text was updated successfully, but these errors were encountered:
All reactions