2 matches found
Unchecked increment in calculateRewards function of RewardsManager.sol.
Lines of code Vulnerability details Impact In the calculateRewards function, there is an unchecked increment in the for loop, in the code it can allow an attacker to cause an integer overflow in the calculateRewards function by manipulating the loop variable, resulting in incorrect rewards...
Comptroller rewards can be artificially inflated and drained by manipulating [totalStaked - totalFrozen] (or: wrong rewards calculation)
Handle kenzo Vulnerability details By adding a small of amount of staking to a normal user scenario, and not approving this small amount as a loan for anybody, a staker can gain disproportionate amounts of comptroller rewards, even to the point of draining the contract. For example: Stakers A,B,C...