Reentrancy vulnerability in liquidateCollateral function

Summary

The liquidateCollateral function may be vulnerable to reentrancy attacks due to the transfer of collateral tokens before updating the state to BidState.Liquidated.

Vulnerability Detail

In the CollateralManager.sol file, the liquidateCollateral function transfers collateral tokens before updating the state to BidState.Liquidated. This could potentially make the function vulnerable to reentrancy attacks.

Impact

Potential loss of funds and compromised platform integrity due to reentrancy attacks.

Code Snippet

https://github.com/sherlock-audit/2023-03-teller/blob/main/teller-protocol-v2/packages/contracts/contracts/CollateralManager.sol#L268

Tool used

Manual Review

Recommendation

Implement the ReentrancyGuard from the OpenZeppelin library or use a similar mechanism to protect the liquidateCollateral function from reentrancy attacks.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

044.md

044.md

Reentrancy vulnerability in liquidateCollateral function

Summary

Vulnerability Detail

Impact

Code Snippet

Tool used

Recommendation

Files

044.md

Latest commit

History

044.md

File metadata and controls

Reentrancy vulnerability in liquidateCollateral function

Summary

Vulnerability Detail

Impact

Code Snippet

Tool used

Recommendation