5 matches found
accrueTokens will revert if any rebase tokens are used
Lines of code Vulnerability details Impact In PrimeLiquidityProvider.sol:accrueTokens we get the current balance of the passed token. If the token is any rebase token AMPL, stETH, RMPL and the current balance has become lower than tokenAmountAccruedtoken, the function will revert. This will lead ...
function 'accrueInterest(address vToken)' allows too many rewards to be allocated
Lines of code Vulnerability details Impact Malicious users can increase the number of rewards they receive within a block. Proof of Concept In the Prime contract, marketsvToken.rewardIndex is used to determine how many rewards are allocated to Prime token holders, and its value can only be change...
anyone with valid token address can create DOS for accrueInterest() in prime.sol
Lines of code Vulnerability details Impact anyone or attacker with valid token address can create DOSdenial of service for accrueInterest and functions using accrueInterest in prime.sol Proof of Concept a function accrueTokens in PrimeLiquidityProvider.sol has visibility pubic,it means anyone can...
totalBorrows inflates faster than the sum of each position's debt
Lines of code Vulnerability details Impact File: VToken.sol 678 function accrueInterest public virtual override returns uint256 --skip-- 710 Exp memory simpleInterestFactor = mulExp mantissa: borrowRateMantissa , blockDelta; 711 uint256 interestAccumulated = mulScalarTruncatesimpleInterestFactor,...
When borrowRateMantissa is higher than the limit value, VToken contract will be DOS
Lines of code Vulnerability details Impact File: VToken.sol 678 function accrueInterest public virtual override returns uint256 --skip-- 695 uint256 borrowRateMantissa = interestRateModel.getBorrowRatecashPrior, borrowsPrior, reservesPrior; 696 requireborrowRateMantissa borrowRateMaxMantissa. Thi...