Lucene search
K

4 matches found

Code423n4
Code423n4
added 2023/09/11 12:0 a.m.8 views

An attacker can use the flashloan() function without real collateral assets

Lines of code Vulnerability details Impact Function flashloan - allows delegate token owner or approved operator to borrow their underlying tokens for the duration of a single atomic transaction. The function uses Structs.FlashInfo calldata info as an input parameter. However, some parameters fro...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/05/18 12:0 a.m.13 views

[WP-H3] Lack of liquidation makes it possible for alToken to be undercollateralized

Lines of code Vulnerability details function liquidate address yieldToken, uint256 shares, uint256 minimumAmountOut external override lock returns uint256 onlyWhitelisted; checkArgumentshares 0; YieldTokenParams storage yieldTokenParams = yieldTokensyieldToken; address underlyingToken =...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/02/23 12:0 a.m.12 views

[WP-H4] The collateral assets impounded with settleBadDebt() will be frozen in the insuranceFund contract

Lines of code Vulnerability details In MarginAccount.solsettleBadDebt, the collateral assets will be seized and transferred to the insuranceFund contract. However, there is no way for the liquidity providers of the insuranceFund to get back the collateral assets. In the current implementation,...

6.6AI score
Exploits0
Code423n4
Code423n4
added 2021/09/29 12:0 a.m.6 views

Liquidation can be escaped by depositing a Uni v3 position with 0 liquidity

Handle WatchPug Vulnerability details When the liquidator is trying to liquidate a undercolldarezed loan by calling liquidateAccount, it calls unwrapUniPosition - uniV3Helper.removeLiquidity - positionManager.decreaseLiquidity. However, when the Uni v3 position has 0 liquidity,...

6.9AI score
Exploits0
Rows per page
Query Builder