The BlockSec alert system detected that the Revest Finance project suffered a re-entry attack at 10:04 am on March 27. The reasons for analysis are as follows:
1) Next NFT id (FNFTHandler.getNextId) is updated after mint, so reentrancy (in ERC1155 mint) is able to create NFT on current id.
2) mapFNFToToken will overwrite the state of the token id without checking. At present, the project party has suspended the token contract.
DISCLAIMER: The information provided by WebsCrypto does not represent any investment suggestion. The articles published on this site only represent personal opinions and have nothing to do with the official position of WebsCrypto.