function (line 1508):
function is to handle token deposits. The function takes two arguments: the asset (the asset that the user wishes to deposit) and the amount (the number of tokens he wishes to deposit).
function is as follows:
storage (line 1514), then,
function is invoked (line 1526). This function (externally) calls the asset contract to check whether the user holds the number of tokens he wishes to deposit and has approved the
contract to withdraw this amount on his behalf.
function is invoked (line 1583) which (externally) calls the asset contract’s
function (line 405) that in turn transfers the amount from the user to the
contract. After the return from the external call the
function updates the user’s deposited balance (lines 1599–1600).
function’s logic briefly. In a simplified manner, this function gets the requested amount of tokens to withdraw, checks that the user holds at least this amount of tokens, then transfers these tokens to the user by (externally) calling the token contract
function actually updates the user’s asset balance after the external call to
(lines 1599–1600), but based on a value that was read before the external call (line 1514), which means that the update potentially ignores any updates that were made within the external call. In many respects, we can consider this anomaly to be a “Lost Update”.
function and thus,
function are invoked (lines 866, 1056 respectively) before the actual transfer of value between the two parties.
function before the invocation of
( asset =
, amount = 9). At this point, the attacker holds a supply of 9 imBTC in the
contract, and a balance of 1 imBTC in the imBTC token contract. The attacker would place the second transaction that invokes
(asset = imBTCAddress, amount = 1), but now with an external call to
= 9) inside the
contract is 10! This unwanted state occurred as the
function increases the supply for the attacker (lines 1599–1600), it uses stale data.
contract, backed by nothing.
instead. Make sure that any pair of code paths that have a possible read/write conflict for a variable will be “reentrancy guarded”. For example, in this case, deploying a reentrancy guard only for the
function would not solve the problem; it should be deployed for the
function as well. Valid Network’s automated tools can help identify locations where these guards are missing, or incorrectly implemented.
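The lost update and the guard recommendation above can be reproduced in a small Python model. This is an added example, not code from the audited contract: the names `Token`, `Market`, `deposit`, `withdraw` and `scenario` are hypothetical, and the sender hook stands in for the external call made during the transfer. It replays the 9 + 1 sequence from the text with no guard, a guard on the deposit path only, and a guard on both paths.

```python
class Reentered(Exception): pass      # on-chain, the guard would revert instead

class Token:                          # toy asset: the sender's hook runs before balances move
    def __init__(self, balances):
        self.bal, self.hooks = dict(balances), {}

    def transfer_from(self, src, dst, amount):
        if src in self.hooks:
            self.hooks[src]()         # external call: control passes to the sender
        self.bal[src] -= amount
        self.bal[dst] = self.bal.get(dst, 0) + amount

class Market:
    def __init__(self, token, guarded=()):
        self.token, self.guarded = token, set(guarded)
        self.supplied, self.locked = {}, False

    def _run(self, name, body):       # one shared lock, checked only by guarded functions
        if name in self.guarded and self.locked:
            raise Reentered(name)
        before, self.locked = self.locked, self.locked or name in self.guarded
        try:
            body()
        finally:
            self.locked = before

    def deposit(self, user, amount):
        def body():
            old = self.supplied.get(user, 0)        # read before the external call
            self.token.transfer_from(user, "market", amount)
            self.supplied[user] = old + amount      # write based on the stale read
        self._run("deposit", body)

    def withdraw(self, user, amount):
        def body():
            if self.supplied.get(user, 0) < amount:
                raise ValueError("insufficient supplied balance")
            self.supplied[user] -= amount
            self.token.transfer_from("market", user, amount)
        self._run("withdraw", body)

def scenario(guarded):
    # Constructed input: the user starts with 10 tokens, deposits 9, then 1.
    market = Market(Token({"attacker": 10}), guarded)
    market.deposit("attacker", 9)
    market.token.hooks["attacker"] = lambda: market.withdraw("attacker", 9)
    try:
        market.deposit("attacker", 1)
    except Reentered:
        pass                                        # reverted, state unchanged
    return market.supplied["attacker"], market.token.bal["market"]
```

`scenario` returns the recorded supply and the tokens the market actually holds; the two only agree when every function that reads or writes the balance shares the guard.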