Lucene search
+L

5 matches found

Code423n4
Code423n4
•added 2023/04/19 12:0 a.m.•11 views

Position ownership could be transferred to zero address

Lines of code Vulnerability details Impact Ownership of a Position could be transferred to zero address. This is usually caused by mistake but the consequence is loss of collateral. Proof of Concept The position owner calls transferOwnership but accidentally set newOwner address to 0x0. Tools Use...

6.8AI score
Exploits0
Code423n4
Code423n4
•added 2023/03/20 12:0 a.m.•12 views

Short positions can be burned while holding collateral

Lines of code Vulnerability details Impact Users can permanently lose a portion of their collateral due to a malicious attacker or their own mistake. Vulnerability Details In the ShortToken contract, adjustPosition is used to handle changes to a short position's short or collateral amounts. The...

6.8AI score
Exploits0
Code423n4
Code423n4
•added 2022/08/17 12:0 a.m.•12 views

LinearInterestRate mode has the risk of drastic fluctuation of interestRate by flash borrow attack, make borrower pay more interest

Lines of code Vulnerability details Impact In LinearInterestRate mode, the minInterest can be as low as MININT=0, and the maxInterest can be as high as MAXINT=146248508681. In getNewRate function, the newRate is determined by utilization. If utilization=1e5, the interestRate can be MAXINT. There...

6.7AI score
Exploits0
Code423n4
Code423n4
•added 2022/07/17 12:0 a.m.•12 views

Multiple auction can run on same vault - Collateral loss

Lines of code Vulnerability details Impact Due to insufficient checks, it is possible to run 2 auctions at same time. This can lead to loss of collateral for this vault as collateral quantity placed for auction will double Proof of Concept 1. User starts auction on vault id 1 which transfer...

6.9AI score
Exploits0
Code423n4
Code423n4
•added 2022/05/01 12:0 a.m.•8 views

Loss of Collateral Via Malicious Oracle

Lines of code Vulnerability details Issue: The oracle can be arbitrarily updated at any point in time by the lender. Consequences: A lender can inject a malicious oracle at any time and steal the collateral NFT at the cost of his loaned tokens. Proof of Concept Borrower requests loan with an hone...

6.7AI score
Exploits0
Rows per page
Query Builder