4 matches found
Reentrency in claimRewards in ConcurRewardPool
Judge @GalloDaSballo has assessed the 1st item in QA Report 163 as Medium risk. The relevant finding follows: … Reentrency in claimRewards in ConcurRewardPool The function claimRewards is open to reenterncy, if the safeTransfer function of a token calls the claimRewards again the tokens can be...
ConvexStakingWrapper._calcRewardIntegral() Has An Accounting Error When Updating reward.remaining
Lines of code Vulnerability details Impact The ConvexStakingWrapper.sol implementation makes several modifications to the original design. One of the key changes is the way rewards are distributed to stakers. A new ConcurRewardPool.sol contract is used to store rewards, allowing users to claim...
Potential Re-entrancy Attack via ETH or ERC777 Token Transfer
Lines of code Vulnerability details Impact The CEI pattern is not being implemented properly in the claimRewards function of the ConcurRewardPool.sol. function claimRewardsaddress calldata tokens external override for uint256 i = 0; i tokens.length; i++ uint256 getting = rewardmsg.sendertokensi;...
Reentrancy in ConcurRewardPool::claimRewards
Lines of code Vulnerability details Impact Any address that has nonzero reward for a token tokensi is able to drain all contact token funds if the transfer function is reentrant for example, ERC777 token. As tokensi is an arbitrarily implemented, a reentrant transfer function can be assumed to be...