Cantina
Acme Corp/New Scan Acme Corp/vault-contracts/Scan #4 Acme Corp/vault-contracts/Scan #4 Scan #4/TEST-1 Acme Corp/vault-contracts/Scan #4
A
New Scan
Select repositories to scan for vulnerabilities
vault-contracts
Solidity · 24 files
main
token-bridge
Solidity · 18 files
develop
governance-module
Solidity · 12 files
main
1 repository selected
Scanning
Running
0% 0s elapsed
Preparing environment 12s
Indexing source files 48s
Hunting vulnerabilities 0s
Validating & generating report
Findings
12 found
2 Critical
4 High
3 Medium
2 Low
1 Info
TEST-1 Reentrancy Attack in withdraw() Function Critical
TEST-2 Unprotected selfdestruct in Proxy Contract Critical
TEST-3 Missing Access Control on Admin Functions High
TEST-4 Integer Overflow in Token Calculation Medium
Critical Reentrancy Attack in withdraw()
Vault.sol — Recommended fix solidity
1// Use checks-effects-interactions pattern
2function withdraw(uint256 amount) external {
3 require(balances[msg.sender] >= amount);
4 balances[msg.sender] -= amount;
5 (bool ok, ) = msg.sender.call{value: amount}("");
6 require(ok, "Transfer failed");
7}
Severity
Critical
Finding
TEST-1
Confidence
92%
File
Vault.sol:42

Code Patched

All critical vulnerabilities have been resolved

12/12 findings addressed