Reentrancy
Report ID
#23254
Report type
Smart Contract
Has PoC?
Yes
Target
Impacts
- Direct theft of any user funds, whether at-rest or in-motion, other than unclaimed yield
Bug Description
Reentrancy
Risk Breakdown
Difficulty to Exploit: Easy Weakness: CVSS2 Score:
Recommendation
To fix this vulnerability, the function increaseBalance should be made non-reentrant. This can be done by adding the modifier nonReentrant() to the function declaration. This will prevent other contracts from calling increaseBalance while it is still executing.
Proof of concept
The function "increaseBalance" is reentrant. This means that it is possible for another contract to call "increaseBalance" while it is still executing. This could lead to an attacker stealing funds from the contract.
To fix this vulnerability, the function "increaseBalance" should be made non-reentrant. This can be done by adding the modifier nonReentrant() to the function declaration.
. This is a serious vulnerability that could allow an attacker to steal funds from the contract. The vulnerability is located in the function increaseBalance. This function is reentrant, which means that it is possible for another contract to call increaseBalance while it is still executing. This could lead to the attacker being able to call increaseBalance multiple times, which would allow them to steal funds from the contract.
To fix this vulnerability, the function increaseBalance should be made non-reentrant. This can be done by adding the modifier nonReentrant() to the function declaration. This will prevent other contracts from calling increaseBalance while it is still executing.
BIC Response
This is not a valid bug report because there is no increaseBalance
function in the Beanstalk code base. Additionally, the report is extremely sparse in its detail of how to exploit the issue and there is no proof of concept.
Due to these reasons, we are closing the submission and no reward will be issued.