Lucene search
K

4 matches found

Code423n4
Code423n4
added 2023/01/17 12:0 a.m.9 views

Redeemers will receive less collateral than expected if function completeRedemptions() is called with empty refundees list

Lines of code Vulnerability details Impact Function completeRedemptions is used by admin account to distribute collateral to users and also to refund redemption requests if the redemption cannot be serviced. function completeRedemptions address calldata redeemers, address calldata refundees,...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/01/17 12:0 a.m.7 views

Loss of user funds when completing CASH redemptions

Lines of code Vulnerability details The function completeRedemptions present in the CashManager contract is used by the manager to complete redemptions requested by users and also to process refunds. function completeRedemptions address calldata redeemers, address calldata refundees, uint256...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/01/17 12:0 a.m.10 views

Wrong logic totalBurned is not updated after _processRefund() results in loss of funds for redeemers

Lines of code Vulnerability details Impact Function completeRedemptions is used by admin account to distribute collateral to users and also to refund redemption requests if the redemption cannot be serviced. function completeRedemptions address calldata redeemers, address calldata refundees,...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/01/17 12:0 a.m.9 views

If completeRedemptions is called multiple times to redeem one epoch, the complex calculation may result in incorrect redemptions

Lines of code Vulnerability details Impact When MANAGERADMIN calls the completeRedemptions function, it requires that both redeemers and refundees have KYC. If the redeemer loses KYC, the redeemer's address will not appear in redeemers and refundees, otherwise completeRedemptions will fail...

6.7AI score
Exploits0
Rows per page
Query Builder