Report Date
May 6, 2024
Status
Closed
Payout
User/Beanstalk ETH value can be drained by Malicious Actors
‣
BIC Response
advancedFarm does not have a reentrancy guard because the purpose of the function is to call multiple functions within Beanstalk in a single transaction. If advancedFarm had a reentrancy guard, the function would fail upon calling any nonReentrant function (rendering it effectively useless). Furthermore, the issue described in the report requires someone to send ETH directly to Beanstalk, which is considered user error.