You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Let's assume the malicious actor has two contracts. The first contract will underwrite the loan for 1 ether. The second contract controlled by the same malicious actor will underwrite the same loan for 1.1 ether. On line 209, the PawnBank contract will deliver 1 Ether to the first contract. If the first contract is designed to call underwriteLoan again when it receives Ether, then the PawnBank contract will deliver another 1 Ether to the first contract. This results in a liquidation of the PawnBank contract.
The text was updated successfully, but these errors were encountered:
Description of Bug
It is possible for a user to liquidate the PawnBank contract via the
underwriteLoanfunction through a re-entrancy attack. This is caused by line 209:and line 226:
How to Reproduce The Bug
Let's assume the malicious actor has two contracts. The first contract will underwrite the loan for 1 ether. The second contract controlled by the same malicious actor will underwrite the same loan for 1.1 ether. On line 209, the PawnBank contract will deliver 1 Ether to the first contract. If the first contract is designed to call
underwriteLoanagain when it receives Ether, then the PawnBank contract will deliver another 1 Ether to the first contract. This results in a liquidation of the PawnBank contract.The text was updated successfully, but these errors were encountered: