Lucene search
K

29 matches found

Code423n4
Code423n4
added 2023/07/31 12:0 a.m.16 views

Any user can claim rewards infinitely from the market without respecting the accrued rewards time

Lines of code Vulnerability details Impact calculateSupplyRewardsForUser updates the user accrued rewards based on the user balance of mTokens & on global and user indicies difference which is the time difference between the last reard claim and the current time . Comptroller contract: one of the...

6.5AI score
Exploits0
Code423n4
Code423n4
added 2023/07/05 12:0 a.m.19 views

setBooster() function may be used to steal unclaimed rewards in FlywheelCore contract

Lines of code Vulnerability details Lines of code Vulnerability details Impact A malicious owner can steal all unclaimed rewards and break the reward accounting mechanism Proof of Concept Even if the owner is a good guy but the fact that there exists a rug vector available may negatively impact t...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/05/11 12:0 a.m.11 views

Lack of Access Control in claimRewards Function

Lines of code Vulnerability details Impact The calculateNewRewards function should also check whether the rewardsCapped variable is greater than the rewardsClaimedInEpoch variable to ensure that rewards are not claimed that exceed the reward cap, because an attacker could exploit this vulnerabili...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/05/11 12:0 a.m.16 views

Users may lose rewards

Lines of code Vulnerability details Impact In RewardsManager.sol we have claimRewards function: function claimRewards uint256 tokenId, uint256 epochToClaim external override StakeInfo storage stakeInfo = stakestokenId; if msg.sender != stakeInfo.owner revert...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/03/09 12:0 a.m.12 views

Loss of reward for stakingRewardRecipient

Lines of code Vulnerability details Impact Anyone can call claimRewards function with rewardType = LotteryRewardType.STAKING, in which function LotteryMath.calculateRewards is used to calculate reward to transfer to beneficiary. By observing number of ticketsSold calculated from the...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/02/16 12:0 a.m.9 views

Attacker can cause loss to rToken holders and stakers by running BackingManager._manageTokens before rewards are claimed

Lines of code Vulnerability details Impact The assets that back the rTokens are held by the BackingManager and can earn rewards. The rewards can be claimed via the TradingP1.claimRewards and TradingP1.claimRewardsSingle function. The BackingManager inherits from TradingP1 and therefore the above...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/02/07 12:0 a.m.8 views

Risk of reentrancy attacks in the claimRewards function

Lines of code Vulnerability details Impact The claimRewards function in the MultiRewardStaking contract is used by users to claim token rewards, but because the function does not contain a nonReentrant modifier and does not implement the CEI standard check-effect-interact it can be subject to...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/02/07 12:0 a.m.20 views

claimRewards is not re-entrancy safe.

Lines of code Vulnerability details Impact In MultiRewardStaking the function claimRewards doesn’t have nonReentrant which makes it possible to re-enter the function. If one of the reward tokens in ERC-777 token, it is possible to re-enter and claim the reward again and again until the contract i...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/02/07 12:0 a.m.8 views

reentrancy in MultiRewardStaking::claimRewards for tokens with transfer callbacks, like erc777

Lines of code Vulnerability details Impact An attacker can drain all the tokens from MultiRewardStaking Proof of Concept In claimtRewards important state changes are done after interactions with tokens: File: MultiRewardStaking.sol function claimRewardsaddress user, IERC20 memory rewardTokens...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/02/07 12:0 a.m.9 views

Overflow tokens

Lines of code Vulnerability details Impact If admin will add more than 255 tokens in rewardToken, there would'nt any way to withdraw tokens or claim rewards Proof of Concept for example: all users deposit their money.After some time admin's add more tokensa, length of array with Token grow's to...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/02/07 12:0 a.m.9 views

RewardTokens can be locked in MultiRewardStaking contract when the rewardsEndTimestamp of the rewardsTokens are different.

Lines of code Vulnerability details Impact To claim reward tokens from the MultiRewardStaking contract deployed, a user must call claimRewardsaddress user, IERC20 memory rewardsTokens. The rewardsTokens array is populated with getAllRewardsTokens which returns all the reward Tokens the...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/02/07 12:0 a.m.12 views

MultiRewardStaking claimRewards() reentrancy for ERC-777 reward tokens

Lines of code Vulnerability details Impact A hacker can drain an ERC-777 reward token funds via reentrancy. This is because in the claimRewards function, the transfer of the reward token which triggers the hacker's ERC-777 hook takes place before setting accruedRewardsuserrewardTokensi to zero...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/05/25 12:0 a.m.11 views

AuraClaimZap's claimRewards can permanently freeze user Aura funds

Lines of code Vulnerability details If claimRewards is called with depositCvxMaxAmount 0 and Options.LockCvx == false, the up to depositCvxMaxAmount AURA tokens are pulled from the user, but never get staked. There looks to be no way to retrieve Aura tokens ended up on AuraClaimZap balance this...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/05/01 12:0 a.m.11 views

Owner or Managers can rug Aave rewards

Lines of code Vulnerability details Impact A malicious owner or manager can steal all Aave rewards that are meant for PoolTogether users Even if the user is benevolent the fact that there is a rug vector available may negatively impact the protocol's reputation. Proof of Concept File:...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/05/01 12:0 a.m.7 views

claimRewards() may have a rug risk.

Lines of code Vulnerability details Impact Although claimRewards is supposed to be called by the owner or managers to claim the rewards, it still could be a "rug risk". The owner or managers can take all the rewards unconditionally. Proof of Concept function claimRewardsaddress to external...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/05/01 12:0 a.m.6 views

Owner can steal rewards

Lines of code Vulnerability details Impact Users may not get their AAVE rewards Proof of Concept The claimRewards function allows the owner to send any rewards distributed by AAVE to any address. The rewards are being earned using user's funds but they aren't returned back to users and the owner...

7AI score
Exploits0
Code423n4
Code423n4
added 2022/04/30 12:0 a.m.12 views

Manager or owner can send rewards to any address

Lines of code Vulnerability details Impact In the claimRewards function, manager or owner can send rewards to any address. function claimRewardsaddress to external onlyManagerOrOwner returns bool requireto != address0, "AaveV3YS/payee-not-zero-address"; address memory assets = new address; assets...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/04/29 12:0 a.m.10 views

Reentrency in claimRewards in ConcurRewardPool

Judge @GalloDaSballo has assessed the 1st item in QA Report 163 as Medium risk. The relevant finding follows: … Reentrency in claimRewards in ConcurRewardPool The function claimRewards is open to reenterncy, if the safeTransfer function of a token calls the claimRewards again the tokens can be...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/04/29 12:0 a.m.7 views

claimRewards() didnt follow the safe check effect pattern

Judge @GalloDaSballo has assessed the 2nd item in QA Report 230 as Medium risk. The relevant finding follows: … Impact a user can claim a reward by calling the claimRewards, however this function didnt follow the correct check effect pattern, where the zero address is set after making an external...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/04/28 12:0 a.m.10 views

Potential reentrance in claimRewards

Judge @GalloDaSballo has assessed the 1st item in QA Report 36 as Medium risk. The relevant finding follows: … POC IERC20tokensi.safeTransfermsg.sender, getting; rewardmsg.sendertokensi = 0; Considering there are exterTokens, it is possible that some token will provide reentry opportunities...

6.9AI score
Exploits0
Rows per page
Query Builder