The current axelar router's implementation can't interact with any calls that requires native tokens

Lines of code Vulnerability details Impact Medium... this completely blocks off users that would need to call a contract and want to pass value to them, as they can't do this since the functions are not payable Proof of Concept See summary Additionally take a look at the Axelar's Router.sol and s...

Reentrancy Attack Vulnerability in StablecoinBridge Contract

Lines of code Vulnerability details Impact The vulnerability can potentially drain the funds of the contract by allowing an attacker to repeatedly call the mint or burn functions and re-enter the mintInternal or burnInternal functions before they complete. Proof of Concept To deploy the...

PT-2022-23150 · Elrond · Elrond-Go

Name of the Vulnerable Software and Affected Versions: Elrond go versions prior to 1.3.35 Description: The issue concerns read-only calls between contracts in the Elrond Network protocol, which can generate smart contract results and alter the state of the called contract as if the call was not...

Cross-chain smart contract calls can revert but source chain tokens remain burnt and are not refunded

Lines of code Vulnerability details Impact Smart contract calls often revert. In such cases any ether sent along with the transaction is returned and sometimes the remaining gas depending on whether an assert caused the reversion or not. For contracts involving ERC20 tokens it is also expected...

Possible incentive theft through the arbitraryCall() function

Handle toastedsteaksandwich Vulnerability details Impact The Locke.arbitraryCall function allows the inherited governance contract to perform arbitrary contract calls within certain constraints. Contract calls to tokens provided as incentives through the createIncentive function are not allowed i...