5 matches found
Redeemers can reject receiving air-drop collateral token, make function completeRedemptions() failing and wasting gas of admin
Lines of code Vulnerability details Impact Function completeRedemptions is used by admin account to distribute collateral to users and also to refund redemption requests if the redemption cannot be serviced. Redeemers will received funds from assetSender in air-drop manner, if collateral token is...
Reentrancy attack allows to get loan for free
Lines of code Vulnerability details Impact Reentrancy attack allows to get loan for free when startLiquidationAuction is called on last collateral token. Proof of Concept When user has a bad debt, then anyone can start auction for his nft. To purchase token, liquidator can call...
Proposal can be infinitely DOSed with no additional conditions
Lines of code Vulnerability details Description OptimisticListingSeaport.sol is easily DOSable due to the following conditions: 1. A new proposal overrides the existing proposal 2. The deposited collateral can be any non-zero amount 3. Only requirement is that pricePerToken is lower than before. ...
Decimals are computed in the wrong way if the collateral token doesn't have 18 decimals
Lines of code Vulnerability details Impact Huge accounting errors and losses for borrowers and liquidators if a collateral token with a non-18 decimal value is used. The oracle contract won't always return prices in 18 decimals. Proof of Concept The oracle returns the price in a normalized way...
Withdrawal delay can be circumvented
Lines of code Vulnerability details Impact After initiating a withdrawal with initiateWithdrawal, it's still possible to transfer the collateral tokens. This can be used to create a second account, transfer the accounts to them and initiate withdrawals at a different time frame such that one of t...