Smart Contract Audit

joffrey · December 12, 2021, 1:41pm

Hello I have a solidity code to audit like this

pragma solidity ^0.8.0;

import "@openzeppelin/contracts/token/ERC20/IERC20.sol";

// Allow to split the balance through complex rules

interface Split{

function getAddressAndAmountToSplit() view external returns(address, uint);

}

// MyBank contract

// This contract allows anyone to store any ERC20 tokens

contract MyBank {

// (token => user => amount)

mapping (address => mapping(address => uint)) public userBalance;

// (address => Split contract)

mapping (address => Split) splits;

// Deposit ERC20 tokens to the contracts

// The user must approve the bank before calling addToBalance

function addToBalance(IERC20 token, uint amount) external

{

token.transferFrom(msg.sender, address(this), amount);

userBalance[address(token)][msg.sender] += amount;

}

// Withdraw part of the balance

function withdrawBalance(IERC20 token) external

{

token.transfer(msg.sender, userBalance[address(token)][msg.sender]);

userBalance[address(token)][msg.sender] = 0;

}

// Allow to register a split contract

function registerSplit(Split split) external{

splits[msg.sender] = split;

}

// Split the balance into two accounts

// The usage of a Split contract allows to create complex split strategies

function splitBalance(IERC20 token) external

{

Split split = splits[msg.sender];

require(split != Split(address(0x0)));

uint balance = userBalance[address(token)][msg.sender];

(address dest, uint amount) = Split(split).getAddressAndAmountToSplit();

userBalance[address(token)][dest] = amount;

userBalance[address(token)][msg.sender] = balance - amount;

}
}

What I found.

function withdrawBalance(IERC20 token) external possible reentrancy attack, because we check balance in the end
function splitBalance(IERC20 token) external - vulnerable business logic, because if amount is greater than balance we get negative value and possible integer overflow

If you have any idea of possible vulnerabilities of code above, please feel free to provide any further assistance

helio.rosa · December 13, 2021, 6:09am

you should be checking the bool returned by the transfer and transferFrom calls.

the only call to an external contract in withdrawBalance is the transfer call. it's vulnerable to a reentrancy attack if your contract handles an arbitrary, user controlled token that can perform the attack on that call.

add a lock if that is the case:

bool internal _locked = false;
modifier lock {
    require(!_locked, "locked");
    _locked = true;
    _;
    _locked = false;
}

Innocent_PHILIP · December 14, 2021, 9:08pm

I’ll advice you get an expert service.

Fortunately HashEx is offering FREE audits for smart contract.

You can register and get a free audit from HashEx... they’ve been in blockchain security for over 4 years, audited over 500 smart contracts and save real projects billions of $$

Save money while getting the best!

Topic		Replies	Views
Merging Compound's Governance Token with OpenZeppelin ERC20 implementation Contracts erc20 , design	3	950	December 9, 2020
External istead of public \| importing openzeppelin contracts \| smart contract report Contracts erc721	2	444	July 28, 2022
Need some help Smart Contracts erc20	7	1022	August 24, 2022
Is it possible to call the erc20 approve function from another contract? Contracts	5	10506	December 15, 2020
ERC20 Auto LP tax token using openzeppelin contracts-upgradeable Smart Contracts erc20 , proxies , upgrades , solidity	1	783	June 13, 2023

Smart Contract Audit

Related Topics