5 matches found
_safeJoeTransfer doesn't refund users JOE incase of rounding error
Handle jayjonah8 Vulnerability details Impact In WJLP.sol a user can call the claimReward function to claim the JOE rewards they are owed. This eventually calls the safeJoeTransfer function which will check if the amount to send is greater than the joeBal of the contract. If the amount is greater...
Reward token not correctly recovered
Handle cmichel Vulnerability details The Streaming contract allows recovering the reward token by calling recoverTokensrewardToken, recipient. However, the excess amount is computed incorrectly as ERC20token.balanceOfaddressthis - rewardTokenAmount + rewardTokenFeeAmount: function...
ConcentratedLiquidityPoolManager uses wrong index for incentive
Handle cmichel Vulnerability details The ConcentratedLiquidityPoolManager uses the positionId as an index for incentivespoolpositionId when it should be incentiveId instead: // @audit should be Incentive memory incentive = incentivespoolincentiveId; Incentive memory incentive =...
ConcentratedLiquidityPoolManager.sol#claimReward() and reclaimIncentive() will fail when incentive.token is token0 or token1
Handle WatchPug Vulnerability details In ConcentratedLiquidityPosition.collect, balances of token0 and token1 in bento will be used to pay the fees. uint256 balance0 = bento.balanceOftoken0, addressthis; uint256 balance1 = bento.balanceOftoken1, addressthis; if balance0 newBalance0 token0amount =...
Wrong reward calculation
Handle 0xsanson Vulnerability details Impact In ConcentratedLiquidityPoolManager, an user can claimReward of a subscribed position. In order to compute the correct amount, secondsUnclaimed needs to be calculated, but it's implemented incorrectly: uint256 secondsUnclaimed = maxTime -...