Back to codetilda's contests

Popcorn contest - codetilda's results

A multi-chain regenerative yield-optimizing protocol.

General Information

Platform: Code4rena

Start Date: 31/01/2023

Pot Size: $90,500 USDC

Total HM: 47

Participants: 169

Period: 7 days

Judge: LSDan

Total Solo HM: 9

Id: 211

League: ETH

Popcorn

Findings Distribution

Researcher Performance

Rank: 149/169

Findings: 1

Award: $35.48

QA:
grade-b

🌟 Selected for report: 0

🚀 Solo Findings: 0

External Links

Code4rena Contest PageGithub Contest RepositoryGithub Findings RepositoryPopcorn

Findings Information

🌟 Selected for report: IllIllI

Also found by: 0x3b, 0xAgro, 0xBeirao, 0xMirce, 0xNineDec, 0xRobocop, 0xSmartContract, 0xTraub, 0xWeiss, 2997ms, 41i3xn, Awesome, Aymen0909, Bauer, Bnke0x0, Breeje, Cryptor, DadeKuma, Deathstore, Deekshith99, DevABDee, DevTimSch, Dewaxindo, Diana, Ermaniwe, Guild_3, H0, IceBear, Inspectah, JDeryl, Kaiziron, Kaysoft, Kenshin, Mukund, Praise, RaymondFam, Rickard, Rolezn, Ruhum, Sathish9098, SkyWalkerMan, SleepingBugs, UdarTeam, Udsen, Walter, aashar, adeolu, apvlki, arialblack14, ast3ros, btk, chaduke, chandkommanaboyina, chrisdior4, climber2002, codetilda, cryptonue, cryptostellar5, csanuragjain, ddimitrov22, descharre, dharma09, doublesharp, eccentricexit, ethernomad, fs0c, georgits, halden, hansfriese, hashminer0725, immeas, lukris02, luxartvinsec, matrix_0wl, merlin, mookimgo, mrpathfindr, nadin, olegthegoat, pavankv, rbserver, rebase, savi0ur, sayan, scokaf, seeu, shark, simon135, tnevler, tsvetanovv, ulqiorra, ustas, waldenyan20, y1cunhui, yongskiws, yosuke

Awards

35.4779 USDC - $35.48

Labels

bug
grade-b
QA (Quality Assurance)
Q-58

External Links

Link to GitHub issue

[L-01] Missing ReEntrancy Guard to claimRewards function in MultiRewardStaking.sol

Violation of the CEI(Checks/Effects/Iteraction) pattern without ReEntrancy guard may result in an unsafe external call (ReEntrancy Attack).

Instance:

MultiRewardStaking.sol#L170

function claimRewards(address user, IERC20[] memory _rewardTokens) external accrueRewards(msg.sender, user) {
  for (uint8 i; i < _rewardTokens.length; i++) {
  
  @audit CHECKS
  uint256 rewardAmount = accruedRewards[user][_rewardTokens[i]];

  if (rewardAmount == 0) revert ZeroRewards(_rewardTokens[i]);
      
  EscrowInfo memory escrowInfo = escrowInfos[_rewardTokens[i]];
  
  @audit ITERACTION
  if (escrowInfo.escrowPercentage > 0) {
    _lockToken(user, _rewardTokens[i], rewardAmount, escrowInfo);
    emit RewardsClaimed(user, _rewardTokens[i], rewardAmount, true);
  } else {
    _rewardTokens[i].transfer(user, rewardAmount);
    emit RewardsClaimed(user, _rewardTokens[i], rewardAmount, false);
  }

  @audit EFFECTS
  accruedRewards[user][_rewardTokens[i]] = 0;
  }
}

Move line of code accruedRewards[user][_rewardTokens[i]] = 0; to the top before actual "Iteraction" part of function to achieve CEI pattern

function claimRewards(address user, IERC20[] memory _rewardTokens) external accrueRewards(msg.sender, user) {
  for (uint8 i; i < _rewardTokens.length; i++) {
  
  @audit CHECKS
  uint256 rewardAmount = accruedRewards[user][_rewardTokens[i]];

  if (rewardAmount == 0) revert ZeroRewards(_rewardTokens[i]);
      
  EscrowInfo memory escrowInfo = escrowInfos[_rewardTokens[i]];
  
  + @audit EFFECTS
  + accruedRewards[user][_rewardTokens[i]] = 0;
  
  @audit ITERACTION
  if (escrowInfo.escrowPercentage > 0) {
    _lockToken(user, _rewardTokens[i], rewardAmount, escrowInfo);
    emit RewardsClaimed(user, _rewardTokens[i], rewardAmount, true);
  } else {
    _rewardTokens[i].transfer(user, rewardAmount);
    emit RewardsClaimed(user, _rewardTokens[i], rewardAmount, false);
  }

  - @audit EFFECTS
  - accruedRewards[user][_rewardTokens[i]] = 0;

  }
}

#0 - c4-judge

2023-02-28T15:04:32Z

dmvt marked the issue as grade-b

AuditHub

A portfolio for auditors, a security profile for protocols, a hub for web3 security.

Built bymalatrax © 2024

Auditors

Browse

Contests

Browse

Get in touch

ContactTwitter