Lucene search
K

4 matches found

Code423n4
Code423n4
added 2022/01/13 12:0 a.m.9 views

[WP-H36] Admin of the index pool can withdrawCredit() after applyCover() to avoid taking loss for the compensation paid for a certain pool

Handle WatchPug Vulnerability details In the current implementation, when an incident is reported for a certain pool, the index pool can still withdrawCredit from the pool, which in the best interest of an index pool, the admin of the index pool is preferred to do so. This allows the index pool t...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/01/13 12:0 a.m.13 views

[WP-M35] PoolTemplate#applyCover Unbounded for loops allows an attacker to malfunction applyCover(), making it impossible to change the marketStatus of the Pool to Payingout status

Handle WatchPug Vulnerability details function applyCover uint256 pending, uint256 payoutNumerator, uint256 payoutDenominator, uint256 incidentTimestamp, bytes32 merkleRoot, string calldata rawdata, string calldata memo external override onlyOwner requirepaused == false, "ERROR: UNABLETOAPPLY";...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/01/12 12:0 a.m.8 views

Owner can call applyCover multiple times in PoolTemplate.sol

Handle camden Vulnerability details Impact The owner could potentially extend the insurance period indefinitely in the applyCover function without ever allowing the market to resume. This is because there is no check in applyCover to ensure that the market is in a Trading state. This can also all...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/01/12 12:0 a.m.8 views

iteration over unbounded array

Handle danb Vulnerability details the functions applyCover and resume iterate over unbounded array. anyone can create an index and add it to the pool, therefore it is possible to add many indexes and prevent any call to applyCover and resume because of passing the gas limit. --- The text was...

7AI score
Exploits0
Rows per page
Query Builder