The withdraw and getReward functions transfer tokens to users before updating the user's balance or rewards. This could lead to reentrancy attacks.

Summary

Use the ReentrancyGuard from OpenZeppelin or follow the Checks-Effects-Interactions pattern by updating state variables before transferring tokens.

function withdraw(uint _amount) external updateReward(msg.sender) {
    require(_amount > 0, "amount = 0");
    require(balanceOf[msg.sender] >= _amount, "withdrawal exceeds balance");
    
    balanceOf[msg.sender] -= _amount;
    totalSupply -= _amount;

    // Transfer tokens after state updates
    stakingToken.transfer(msg.sender, _amount);
}

Root Cause

https://github.com/sherlock-audit/2024-12-numa-audit/blob/main/Numa/contracts/Staking/StakingRewards.sol#L76-L81

Internal pre-conditions

No response

External pre-conditions

No response

Attack Path

No response

Impact

No response

PoC

No response

Mitigation

No response

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

025.md

025.md

The withdraw and getReward functions transfer tokens to users before updating the user's balance or rewards. This could lead to reentrancy attacks.

Summary

Root Cause

Internal pre-conditions

External pre-conditions

Attack Path

Impact

PoC

Mitigation

Files

025.md

Latest commit

History

025.md

File metadata and controls

The withdraw and getReward functions transfer tokens to users before updating the user's balance or rewards. This could lead to reentrancy attacks.

Summary

Root Cause

Internal pre-conditions

External pre-conditions

Attack Path

Impact

PoC

Mitigation