Lucene search
K

14 matches found

Code423n4
Code423n4
added 2023/07/10 12:0 a.m.8 views

_addLiquidity() function will revert in first call

Lines of code Vulnerability details Impact The first user cant calls the addLiquidity function because this function doesn't handle the first call. addLiquidity function is calculate lp amount by calling calcLPTokenUnderlying function. so this function has a division for lpTokenSupply. in this...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/07/10 12:0 a.m.19 views

Well.sol::addLiquidity() Unauthorized Liquidity Addition for Fee-on-Transfer Tokens

Lines of code Vulnerability details Description The addLiquidity in the Well.sol contract allows any address to add liquidity to tokens with a fee-on-transfer mechanism. Although there is a another function available to add liquidity for Fee-on-transfer token name addLiquidityFeeOnTransfer. Howev...

6.5AI score
Exploits0
Code423n4
Code423n4
added 2023/07/10 12:0 a.m.16 views

The constant product invariant can be broken.

Lines of code Vulnerability details description Let reserves returned by Well.getReserves as x, y and Well.tokenSupply as k. They must maintain the invariant x y EXPPRECISION = k 2. However, the reserves can increase without updating the token supply if a user transfers one token of the well and...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/12/12 12:0 a.m.7 views

Overflow in BinMap can break pool

Lines of code Vulnerability details Impact The BinMap library performs multiplication on int32 values that can potentially overflow and cause the corresponding function calls to revert. The functions in question are used by essential Pool methods such as Pool.addLiquidity or Pool.swap and an...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/12/08 12:0 a.m.12 views

Anyone can call addLiquidity function and be the router

Lines of code Vulnerability details Impact Anyone can call addLiquidity, meaning that when IAddLiquidityCallbackmsg.sender.addLiquidityCallbacktokenAAmount, tokenBAmount, data; is called, the msg.sender can be a contract that a malicious user has deployed and has a addLiquidityCallbacktokenAAmoun...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/06/26 12:0 a.m.9 views

Yield of LiquidityReserve can be stolen

Lines of code Vulnerability details Impact Using sandwich attacks and JIT Just-in-time liquidity, the yield of LiquidityReserve could be extracted for liquidity providers. Proof of Concept The yield of LiquidityReserve is distributed when a user calls instantUnstakeReserve in Staking. Then, in...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/01/20 12:0 a.m.13 views

Fee always is zero in the first addLiquidity call

Handle 0x1f8b Vulnerability details Impact Fee always is zero during the first addLiquidity call. Proof of Concept The method MathLib.calculateLiquidityTokenFees is on charge to compute the liquidityToken fee, one of the arguments it's the totalSupply, and during the first call of addLiquidity...

7AI score
Exploits0
Code423n4
Code423n4
added 2021/12/22 12:0 a.m.14 views

Reliance on exact balance

Handle pauliax Vulnerability details Impact functions addLiquidity721WETH and addLiquidity1155WETH rely on the exact balance of tokens: uint256 balance = count BASE; // We should not be experiencing fees. requirebalance == IERC20Upgradeablevault.balanceOfaddressthis, "Did not receive expected...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/12/01 12:0 a.m.6 views

Slippage protection

Handle pauliax Vulnerability details Impact functions buyMalt and sellMalt, and removeLiquidity have no slippage protection and addLiquidity hardcodes it to 5%: 0, // amountOutMin Mempool snipers can profit from that by monitoring the chain and sandwiching these functions. Now it is left for the...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/11/15 12:0 a.m.12 views

Unused slippage params

Handle pauliax Vulnerability details Impact Unused slippage params. function addLiquidity in VaderRouter both V1 and V2 do not use slippage parameters: uint256, // amountAMin = unused uint256, // amountBMin = unused making it susceptible to sandwich attacks / MEV. For a more detailed explanation,...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/07/11 12:0 a.m.6 views

Anyone can arbitrarily add router liquidity

Handle 0xRajeev Vulnerability details Impact The addLiquidity function takes a router address parameter whose liquidity is increased instead of assuming that router == msg.sender like done on removeLiquidity on this contract/chain by transferring the fund amount from router address to this contra...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/07/11 12:0 a.m.12 views

addLiquidity transfers tokens from the wrong sender

Handle pauliax Vulnerability details Impact In addLiquidity function, a router is passed as a sender in LibERC20.transferFrom, not msg.sender, so it basically transfers assets from the router to the contract. Recommended Mitigation Steps requireLibERC20.transferFromassetId, msg.sender, addressthi...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/07/10 12:0 a.m.12 views

addLiquidity can be denied

Handle cmichel Vulnerability details Vulnerability Details The addLiquidity function can be called by anyone to transfer funds from the router address specified as a function argument. These funds must be approved first by the router prior to calling this function. There are different griefing...

6.6AI score
Exploits0
Code423n4
Code423n4
added 2021/04/28 12:0 a.m.15 views

Unrestricted addLiquidity could cause unintended results on front-end apps that listen to events.

Handle shw Vulnerability details Impact The addLiquidity function in Pool.sol lacks an access control, which allows an attacker to add liquidity for any specific user. Front-end apps that listen to AddLiquidity events may be affected by this vulnerability and may go wrong since it is not the user...

6.8AI score
Exploits0
Rows per page
Query Builder