5 matches found
Position ownership could be transferred to zero address
Lines of code Vulnerability details Impact Ownership of a Position could be transferred to zero address. This is usually caused by mistake but the consequence is loss of collateral. Proof of Concept The position owner calls transferOwnership but accidentally set newOwner address to 0x0. Tools Use...
Short positions can be burned while holding collateral
Lines of code Vulnerability details Impact Users can permanently lose a portion of their collateral due to a malicious attacker or their own mistake. Vulnerability Details In the ShortToken contract, adjustPosition is used to handle changes to a short position's short or collateral amounts. The...
LinearInterestRate mode has the risk of drastic fluctuation of interestRate by flash borrow attack, make borrower pay more interest
Lines of code Vulnerability details Impact In LinearInterestRate mode, the minInterest can be as low as MININT=0, and the maxInterest can be as high as MAXINT=146248508681. In getNewRate function, the newRate is determined by utilization. If utilization=1e5, the interestRate can be MAXINT. There...
Multiple auction can run on same vault - Collateral loss
Lines of code Vulnerability details Impact Due to insufficient checks, it is possible to run 2 auctions at same time. This can lead to loss of collateral for this vault as collateral quantity placed for auction will double Proof of Concept 1. User starts auction on vault id 1 which transfer...
Loss of Collateral Via Malicious Oracle
Lines of code Vulnerability details Issue: The oracle can be arbitrarily updated at any point in time by the lender. Consequences: A lender can inject a malicious oracle at any time and steal the collateral NFT at the cost of his loaned tokens. Proof of Concept Borrower requests loan with an hone...