FV-SOL-1-C6 Read-Only

TLDR

Read-only reentrancy exploits functions that only perform "view" operations (i.e., don’t directly change state) but still affect the contract's behavior based on inconsistent state.

While such functions don’t modify storage, they may still provide inaccurate or exploitable information if they rely on external contract calls that can reenter and manipulate state elsewhere.

Game

Think about what would happen if msg.sender is a contract that re-enters getPrizeEligibility via a fallback function during the call to claimPrize

// SPDX-License-Identifier: MIT
// Open me in VSCode and really think before opening the hints!
// Add @audit tags wherever suspicious
// Go to the solidity docs to complete missing knowledge of what's happening here
// Solve by drafting a fix!
pragma solidity ^0.8.0;

contract ReadOnlyReentrancyGame {
    mapping(address => uint256) public balances;
    bool public prizeClaimed = false;

    function deposit() public payable {
        balances[msg.sender] += msg.value;
    }

    function getPrizeEligibility() public view returns (bool) {
        // Checks if the user has a balance and the prize is not yet claimed
        return (balances[msg.sender] >= 1 ether && !prizeClaimed);
    }

    function claimPrize() public {
        require(getPrizeEligibility(), "Not eligible for prize");
        prizeClaimed = true;
        (bool success, ) = msg.sender.call{value: 1 ether}("");
        require(success, "Transfer failed");
    }
}
PreviousFV-SOL-1-C5 DynamicNextFV-SOL-2 Precision Errors

Last updated