7 matches found
governor can steal funds of user from all created streams using arbitraryCall
Handle hack3r-0m Vulnerability details Impact user approves token x to stream contract approval amount is typeuint256.max user calls createIncentivetoken x, someAmount incentivesx = someAmount creator calls claimIncentivetoken x incentivesx = 0 governance can arbitraryCall with data as ERC20token...
ArbitraryCall() allows attackers to steal ERC20 tokens from users wallets
Handle Jujic Vulnerability details A call to an arbitrary contract with custom calldata is made in arbitraryCalladdress who, bytes memory data, which means the contract can be an ERC20 token, and the calldata can be transferFrom a previously approved user. Impact The wallet balances for the amoun...
Improper implementation of arbitraryCall() allows protocol gov to steal funds from users' wallets
Handle WatchPug Vulnerability details function arbitraryCalladdress who, bytes memory data public lock externallyGoverned // cannot have an active incentive for the callee requireincentiveswho == 0, "inc"; ... When an incentiveToken is claimed after endStream, incentiveswho will be 0 for that...
arbitraryCall enables streamCreator to remove incentive tokens before endStream
Handle bitbopper Vulnerability details Impact streamCreator can remove incentive tokens before endStream by calling approve on the token beforehand. streamCreator has following methods of attack: guess from whom and with what he is going to be incentiviced listen in the mempool and win PGA in ord...
Locke.sol:Stream - possible DOS on arbitraryCall
Handle ScopeLift Vulnerability details Impact If there's an airdrop that arbitraryCall would like to call, it could be DOSed by first calling createIncentive with the airdropped token, then backrunning calls to claimIncentive with calls to createIncentive. Proof of Concept Tools Used Recommended...
Possible incentive theft through the arbitraryCall() function
Handle toastedsteaksandwich Vulnerability details Impact The Locke.arbitraryCall function allows the inherited governance contract to perform arbitrary contract calls within certain constraints. Contract calls to tokens provided as incentives through the createIncentive function are not allowed i...
arbitraryCall() can get blocked by an attacker
Handle GiveMeTestEther Vulnerability details Impact "arbitraryCall"'s L733 use case is to claim airdrops by "gov". If the address "who" is a token that could be send as an incentive by an attacker via "createIncentive" then such claim can be made unusable, because on L735 there is a...