9 matches found
LiquidityMining.sol cannot be funded for rewards distribution.
Lines of code Vulnerability details During a rewards claim LiquidityMining.sol uses a low-level call with the msg.value as the rewardsToSend to the liquidity providers, but the contract lacks a receive or fallback function for funds be deposited in it, leaving the contract empty and unable to sen...
withdrawFee() can be called multiple times by any user when quest has ended making it possible to drain contract and leave users unable to claim rewards
Lines of code Vulnerability details Impact The withdrawFee function in the Erc20Quest contract can be called multiple times. The modifier onlyAdminWithdrawAfterEnd is applied to the function which only makes it possible to call it after the end time of a quest. It should be noted that any user is...
Some of user funds stuck in contract because of division rounding error in beforeWithdraw()
Lines of code Vulnerability details Impact Function beforeWithdraw has been used in withdraw of Vault contract to calculates withdraw amount of users but because of division rounding error in this funds some user's funds would stuck in contract. Proof of Concept This is beforeWithdraw code:...
JBPayoutRedemptionPaymentTerminal#processFees may run out of gas and revert due to long list of _heldFeesOf[_projectId]
Lines of code Vulnerability details Proof of Concept // Get a reference to the project's held fees. JBFee memory heldFees = heldFeesOfprojectId; // Delete the held fees. delete heldFeesOfprojectId; // Push array length in stack uint256 heldFeeLength = heldFees.length; // Process each fee. for...
[WP-H6] Swapper can be used to steal all the funds from the contract
Lines of code Vulnerability details function swapTokensGenericLiFiData memory lifiData, LibSwap.SwapData calldata swapData public payable uint256 receivingAssetIdBalance = LibAsset.getOwnBalancelifiData.receivingAssetId; // Swap executeSwapslifiData, swapData; uint256 postSwapBalance =...
OpenLevV1 runs price update for UniV2Class DEXes only
Handle hyh Vulnerability details Impact If the price currently recorded by the system is outdated, the marginTrade and liquidate functions will use a stale price if being run with V3 dexData, which is what system allows. A malicious user can act on a stale price observation, using trade opening a...
Denial-of-service condition: emergency shutdown after pair creation loses contract funds
Handle static Vulnerability details Impact If the owner of the contract set specifically the Factory owner, executes allowEmergencyWithdraw after the pair is created, then the withdraw functions including the emergencyWithdraw will not function and the funds including the liquidity tokens, will b...
After a promotion is cancelled, not claimed rewards are stuck
Handle 0x0x0x Vulnerability details After a promotion is cancelled using cancelPromotion, not awarded rewards for remaining epochs are sent to an address given by promotion creator. Awarded rewards not claimed by users stay in the contract. Since the promotion is deleted from promotions, users...
TwabRewards: cancelPromotion() can revert if a promotion tokens applies fee on transfer
Handle GiveMeTestEther Vulnerability details Impact If the promotion token applies transfer fees, the total amount the contract holds will be less than "tokensPerEpoch numberOfEpochs" bcs a part of this amount is the fee = funds + fee, but only the "funds" can be withdrawn. If after each epoch al...