Race condition prevention¶
A systematic development method prevents race conditions? Yes / No
A systematic development method is applied to all financial transactions so that race conditions cannot compromise transaction integrity. Otherwise exploiting the race condition allows the attacker to manipulate account balances.
For all financial transactions:
- Optimistic database-level transaction isolation is applied or...
- Pessimistic application level locks are applied.
The software should be developed in such a manner that there is only one function to make transfers out from the system or within the system. This function has a locking mechanism such that simultaneous transactions from the same account cannot compromise the atomicity, leading to double top up, double withdraw or account overdrawn.