4 matches found
Upgraded Q -> 2 from #320 [1699029592172]
Judge has assessed an item in Issue 320 as 2 risk. The relevant finding follows: 3. Testnet address being used In CamelotRelayer, CAMELOTFACTORY is assigned with Goerli testnet address, which may cause issue during the mainnet launch address internal constant CAMELOTFACTORY =...
Upgraded Q -> 2 from #221 [1699029747725]
Judge has assessed an item in Issue 221 as 2 risk. The relevant finding follows: L-02 Handling missing for case where ERC20 token has decimal 18 in CamelotRelayer & UniV3Relayer oracles Description In the constructor token decimals of an ERC20 is assumed to be = 18 which can be wrong for some...
TWAP can lead to loss of manipulation of price
Lines of code Vulnerability details Impact There are tradeoffs when choosing the length of the period of time to calculate a TWAP. Longer periods are better to protect against price manipulation, but come at the expense of a slower, and potentially less accurate, price. Proof of Concept Both the...
Rounding Bug in OracleLibrary.consult Impacting Pricing Accuracy and User Costs
Lines of code Vulnerability details Impact The rounding bug in the OracleLibrary.consult function has a significant impact on applications that rely on this function for price calculations, especially those involving asset swaps, collateral valuation, or other financial transactions. The bug caus...