2 matches found
_sendTokenToBribesProcessor() doesn't check bribesProcessor's address. Could cause permanent loss of fund
Lines of code Vulnerability details Impact In sendTokenToBribesProcessor, it sends tokens to bribesProcessor. It seems to be ok because claimBribesFromHiddenHand will confirm that bribesProcessor is not address0. sweepRewardToken also triggers sendTokenToBribesProcessor. But it doesn’t check...
attacker can call sweepRewardToken() when bribesProcessor==0 and reward funds will be lost because there is no check in sweepRewardToken() and _handleRewardTransfer() and _sendTokenToBribesProcessor()
Lines of code Vulnerability details Impact If the value of bribesProcessor was 0x0 the default is 0x0 and governance can set to 0x0 then attacker can call sweepRewardToken make contract to send his total balance in attacker specified token to 0x0 address. Proof of Concept the default value of...