Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Proper check-effect-interactions pattern not followed all over the protocol #2121

Open
codehawks-bot opened this issue Aug 8, 2023 · 1 comment
Open

Proper check-effect-interactions pattern not followed all over the protocol #2121

codehawks-bot opened this issue Aug 8, 2023 · 1 comment
Labels
finding-cei-i human-checked info

Comments

@codehawks-bot
Copy link

Proper check-effect-interactions pattern not followed all over the protocol

Severity

Medium Risk

Relevant GitHub Links

https://github.com/Cyfrin/2023-07-beedle/blob/main/src/Lender.sol#L182C5-L192C6

Proper check-effect-interactions pattern not followed all over the protocol it make vulnerable to re-entrancy and no re-entrancy guard also used.

https://github.com/Cyfrin/2023-07-beedle/blob/main/src/Lender.sol It is all over this file

Example:
Transferring the loanToken to lender before updating pools mapping

159:  IERC20(p.loanToken).transfer(
                p.lender,
                currentBalance - p.poolBalance
            );
        }

        emit PoolBalanceUpdated(poolId, p.poolBalance);

        if (pools[poolId].lender == address(0)) {
            // if the pool doesn't exist then create it
            emit PoolCreated(poolId, p);
        } else {
            // if the pool does exist then update it
            emit PoolUpdated(poolId, p);
        }

175:        pools[poolId] = p;
    }

https://github.com/Cyfrin/2023-07-beedle/blob/main/src/Lender.sol#L159C13-L176C6
And
Updating the state before transferringFrom loanToken from lender to the protocol.

function addToPool(bytes32 poolId, uint256 amount) external {
        if (pools[poolId].lender != msg.sender) revert Unauthorized();
        if (amount == 0) revert PoolConfig();
        _updatePoolBalance(poolId, pools[poolId].poolBalance + amount);
        // transfer the loan tokens from the lender to the contract
        IERC20(pools[poolId].loanToken).transferFrom(
            msg.sender,
            address(this),
            amount
        );
    }

https://github.com/Cyfrin/2023-07-beedle/blob/main/src/Lender.sol#L182C5-L192C6

Recommendation:
Use Proper check-effect-interactions pattern and use openzeppelin re-entrancy guard wherever transferring assets to outside the protocol and use safeTransfer and safeTransferFrom of openzeppelin instead of simple transfers functions of ERC20.
@PatrickAlphaC PatrickAlphaC added info and removed medium labels Aug 10, 2023
@PatrickAlphaC
Copy link
Member

No proof here their is an actual bug, this is more of a pattern suggestion.

I agree they should follow CEI. Moving to informational finding.

@kamuikatsurgi kamuikatsurgi mentioned this issue Aug 24, 2023
Open
This was referenced Aug 24, 2023
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
finding-cei-i human-checked info
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@PatrickAlphaC @codehawks-bot