Lucene search
K

4 matches found

Code423n4
Code423n4
added 2023/09/11 12:0 a.m.8 views

No protection against conduit front-running

Lines of code Vulnerability details Impact A malicious conduit could front-run and prevent the transfer Proof of Concept The conduit is trusted to conduct the transferFrom in the resulting order. A malicious conduit could front-run and prevent the transfer. calculateOrderHash: This uses the condu...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/07/28 12:0 a.m.11 views

Front run attacks during the 7 day cooldown period in setGSCAllowance.

Lines of code Vulnerability details Impact A malicious miner can send a transaction from the GSC to drain the new allowance before the admin's transaction sets it. Proof of Concept The setGSCAllowance function sets a 7 day cooldown period between allowance changes for each token. This prevents th...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/04/26 12:0 a.m.20 views

proveAndClaim and proveAndClaimWithResolver can be front-run to claim the same name by a malicious user

Lines of code Vulnerability details Impact In the DNSRegistrar contract, the proveAndClaim and proveAndClaimWithResolver functions are used to claim a name. And this name is not encrypted. This can create a race condition because once this name is claimed, it cannot be claimed by other users. In...

6.6AI score
Exploits0
Code423n4
Code423n4
added 2023/03/20 12:0 a.m.7 views

Potential front-running attacks in buy function

Lines of code Vulnerability details Impact The buy function generates new trays and stores them in the tiles mapping based on the value of lastHash. Since the value of lastHash is publicly accessible and can be predicted, an attacker could potentially front-run other users to mint specific trays...

6.7AI score
Exploits0
Rows per page
Query Builder