2 matches found
After pool is initialized, user can perform a sandwich attack through front-running and back-running mint transaction by calling swap function twice to manipulate initial price to be much different than market price and gain much more of output token than expected
Lines of code Vulnerability details Impact After the following initialize function is called, the pool does not own any of the tokens at that moment since the mint function below is not called yet. When the mint transaction is sent, a malicious user can notice it in the mempool and front-run it b...
Users are susceptible to back-running when depositing ETH to TridenRouter
Handle broccoli Vulnerability details Impact The depositToBentoBox and depositFromUserToBentoBox allow users to provide ETH to the router, which is later deposited to the bento contract for swapping other assets or providing liquidity. However, in these two functions, the input parameter does not...