Skip to content

Latest commit

 

History

History
40 lines (24 loc) · 1.1 KB

028.md

File metadata and controls

40 lines (24 loc) · 1.1 KB

moneyversed

high

Reentrancy vulnerability in liquidateLoan function

Summary

The liquidateLoan function might allow for reentrancy attacks due to the lack of proper reentrancy guards.

Vulnerability Detail

The liquidateLoan function transfers collateral tokens before updating the loan state to LoanState.Liquidated, potentially allowing a malicious actor to re-enter the function and exploit the contract to drain funds.

Impact

A malicious actor could potentially exploit this vulnerability to drain funds from the contract, leading to a loss of user funds and confidence in the platform.

Code Snippet

https://github.com/sherlock-audit/2023-03-teller/blob/main/teller-protocol-v2/packages/contracts/contracts/TellerV2.sol#L676

Tool used

Manual Review

Recommendation

Implement a reentrancy guard using OpenZeppelin's ReentrancyGuard library to protect the liquidateLoan function:

import "@openzeppelin/contracts/security/ReentrancyGuard.sol";

contract TellerV2 is ReentrancyGuard {
    ...
    function liquidateLoan(uint256 loanId) external nonReentrant {
        ...
    }
}