Spaces:

Codex47
/

SmartContractAudit

Sleeping

App Files Files Community

ajaxwin commited on Apr 2

Commit

c098748

1 Parent(s): 7203787

Updated dataset

Browse files

Files changed (2) hide show

data/Template.json +6 -6
data/contracts.json +0 -0

data/Template.json CHANGED Viewed

@@ -51,8 +51,8 @@
       "events": ["Transfer"],
       "vulnerable": false,
       "vulnerability_details": null,
-      "rule_broken_english": null,
-      "rule_broken_specs": null
     },
     {
       "name": "withdraw",
@@ -78,8 +78,8 @@
         "description": "The withdraw function updates balance after making an external call, allowing reentrancy attacks",
         "mitigation": "Use checks-effects-interactions pattern: update balance before external call"
       },
-      "rule_broken_english": "When a user withdraws x amount of ETH, the user's balance should decrease by x. Due to reentrancy, an attacker can call withdraw recursively before balance is updated, draining more than their balance.",
-      "rule_broken_specs": "Pre-condition: User has balance B. Operation: withdraw(amount). Expected post-condition: User balance = B - amount. Actual vulnerability: Reentrant calls allow multiple withdrawals before balance update, resulting in user balance = B - (n * amount) where n > 1, violating the expected post-condition."
     }
   ],
@@ -129,8 +129,8 @@
       "description": "The withdraw function updates state after making an external call, allowing reentrancy attacks where an attacker can recursively call withdraw before the balance is updated",
       "status": "Fixed",
       "mitigation": "Moved balance update before external call (checks-effects-interactions pattern)",
-      "rule_broken_english": "When a user withdraws x amount, the user's balance should decrease by x. Due to reentrancy, an attacker can withdraw multiple times before balance updates, draining more than their balance.",
-      "rule_broken_specs": "Pre-condition: User balance = B. Operation: withdraw(amount). Expected: User balance = B - amount. Actual: Reentrant calls allow user balance = B - (n * amount) where n > 1."
     }
   ],

       "events": ["Transfer"],
       "vulnerable": false,
       "vulnerability_details": null,
+      "property": null,
+      "property_specification": null
     },
     {
       "name": "withdraw",
         "description": "The withdraw function updates balance after making an external call, allowing reentrancy attacks",
         "mitigation": "Use checks-effects-interactions pattern: update balance before external call"
       },
+      "property": "When a user withdraws x amount of ETH, the user's balance should decrease by x. Due to reentrancy, an attacker can call withdraw recursively before balance is updated, draining more than their balance.",
+      "property_specification": "Pre-condition: User has balance B. Operation: withdraw(amount). Expected post-condition: User balance = B - amount. Actual vulnerability: Reentrant calls allow multiple withdrawals before balance update, resulting in user balance = B - (n * amount) where n > 1, violating the expected post-condition."
     }
   ],
       "description": "The withdraw function updates state after making an external call, allowing reentrancy attacks where an attacker can recursively call withdraw before the balance is updated",
       "status": "Fixed",
       "mitigation": "Moved balance update before external call (checks-effects-interactions pattern)",
+      "property": "When a user withdraws x amount, the user's balance should decrease by x. Due to reentrancy, an attacker can withdraw multiple times before balance updates, draining more than their balance.",
+      "property_specification": "Pre-condition: User balance = B. Operation: withdraw(amount). Expected: User balance = B - amount. Actual: Reentrant calls allow user balance = B - (n * amount) where n > 1."
     }
   ],

data/contracts.json CHANGED Viewed

The diff for this file is too large to render. See raw diff