Title of the vulnerability

id: TBA  # Leave this as "TBA"; the team will assign the official ID
title: Example Vulnerability Title
baseSeverity: M # Worst-case severity; Options: C | H | M | L | I | G
category: access-control
language: solidity
blockchain: [ethereum]
impact: Unauthorized asset withdrawal
status: draft # Options: draft | verified | published
complexity: low # Options: low | medium | high
attack_vector: external
mitigation_difficulty: easy # Options: easy | medium | hard
versions: [">0.6.0", "<0.8.0"]
cwe: CWE-284
swc: SWC-105

๐Ÿ“ Description

Explain the vulnerability in clear terms. Focus on:

  • What fundamental flaw creates this vulnerability
  • Where this pattern commonly appears in smart contracts
  • Why this vulnerability is dangerous (technical impact)

🚨 Vulnerable Code

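// Replace with a minimal, complete example
function withdraw(uint amount) public {
    require(balances[msg.sender] >= amount);
    // The external call runs before the balance is updated, so the
    // recipient can re-enter withdraw() while the old balance still stands.
    (bool sent, ) = msg.sender.call{value: amount}("");
    require(sent);
    balances[msg.sender] -= amount;
}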

🧪 Exploit Scenario

Step-by-step exploit process:

  1. Attacker deploys a malicious contract that...
  2. The attacker then calls...
  3. During execution, the vulnerable contract...
  4. This allows the attacker to...

Assumptions: List any prerequisites for the attack

✅ Fixed Code

// Safer implementation: check, update state, then make the external call
function withdraw(uint amount) public {
    require(balances[msg.sender] >= amount);
    // The balance is reduced before any ether is sent.
    balances[msg.sender] -= amount;
    (bool sent, ) = msg.sender.call{value: amount}("");
    require(sent);
}

🧭 Contextual Severity

- context: "Default"
  severity: M
  reasoning: "Assumes average-case scenario without strong mitigations."
- context: "Public DeFi Protocol without reentrancy guards"
  severity: H
  reasoning: "Widespread impact likely due to external contract call patterns."
- context: "Private contract with access-controlled functions"
  severity: L
  reasoning: "Risk significantly reduced due to limited user access and internal-only interactions."

๐Ÿ›ก๏ธ Prevention

Primary Defenses

  • Most important prevention technique
  • Second most important technique

Additional Safeguards

  • Additional defensive measures
  • Testing approaches

Detection Methods

  • How to detect this issue in existing code
  • Tools that can help identify this vulnerability

๐Ÿ•ฐ๏ธ Historical Exploits

Case studies, notable incidents, or real-world examples relevant to this vulnerability.

📚 Further Reading

Additional resources, tools, or discussions related to this vulnerability.


✅ Vulnerability Report Template

id: <unique-vulnerability-id>
title: <vulnerability-title>
severity: <H | M | L | I | G>
score:
impact: <0-5>
exploitability: <0-5>
reachability: <0-5>
complexity: <0-5>
detectability: <0-5>
finalScore: <calculated-weighted-score>

📄 Justifications & Analysis

Provide technical rationales for each axis score here:

  • Impact: [Explain why this bug would (or wouldn’t) cause financial/state loss]
  • Exploitability: [Clarify the conditions under which this can be triggered]
  • Reachability: [Is the code path realistically invoked? Any blockers?]
  • Complexity: [How much attacker effort, knowledge, or setup is required?]
  • Detectability: [Would this be caught in a standard audit pipeline?]