Lucene search
K

12 matches found

Code423n4
Code423n4
added 2023/12/08 12:0 a.m.33 views

Funds are lost when Curve pool is killed (paused)

Lines of code Vulnerability details Vulnerability Details If self.iskilled in the curve pool contract becomes true, users will be unable to close their position because removeliquidityonecoinwill revert. Users will be unable to exit their position. if outputToken == zToken uint256 wethBalance =...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2023/12/08 12:0 a.m.15 views

Slippage Handling

Lines of code Vulnerability details Impact The primitiveOutputAmount function reverts the transaction if the output amount is less than the minimumOutputAmount, which is a strict slippage protection. This could lead to failed transactions due to normal price fluctuations in the Curve pool. Proof ...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2023/12/08 12:0 a.m.15 views

Withdraws will be bricked if the curve pool gets killed

Lines of code Vulnerability details Impact Liquidity will be locked forever since there is no interface to remove it. Proof of Concept Curve pools have a killed parameter that allows an admin to kill the pool, suspend all deposits, swaps, and single token withdrawals, and then only allow for taki...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2023/12/08 12:0 a.m.10 views

Unbounded Approval

Lines of code Vulnerability details Impact The adapter may approve an unlimited amount of tokens to be spent by the Ocean protocol and the Curve pool, which could be risky if those contracts are compromised. Proof of Concept The adapter may approve an unlimited amount of tokens to be spent by the...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/12/08 12:0 a.m.10 views

No slippage check while removing liquidity from Curve Pool

Lines of code Vulnerability details Impact The hardcoded value of 0 for the minamount parameter in the removeliquidityonecoin function of the Curve pool can have significant effects on user funds. When users are removing liquidity from the curve pool, the minamount parameter represents the minimu...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2023/09/27 12:0 a.m.10 views

Zero amount withdrawals of SafEth or Votium will brick the withdraw process

Lines of code Vulnerability details Summary Withdrawals of amount zero from both SafEth and VotiumStrategy have issues downstream that will cause the transaction to revert, potentially bricking withdrawals from being executed. Impact Withdrawals in AfEth undergo a process to account for any...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/09/27 12:0 a.m.8 views

Lack of slippage protection for depositRewards() in AfEth.sol makes it susceptible to sandwich attacks

Lines of code Vulnerability details Bug Description In VotiumStrategyCore.sol, the buyCvx function calls exchangeunderlying of Curve's ETH / CVX pool to buy CVX: VotiumStrategyCore.solL233-L240 ICrvEthPoolCVXETHCRVPOOLADDRESS.exchangeunderlying value: ethAmountIn 0, 1, ethAmountIn, 0 // this is...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2023/09/27 12:0 a.m.5 views

Missing deadline check for AfEth actions

Lines of code Vulnerability details Summary AfEth main actions execute on-chain swaps and lack an expiration deadline, which enables pending transactions to be maliciously executed at a later point. Impact Both AfEth deposits and withdrawals include on-chain swaps in AMM protocols as part of thei...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2023/05/15 12:0 a.m.11 views

Unspent allowance may break functionality in AMO

Lines of code Vulnerability details Unspent allowance may break functionality in AMO An unspent allowance may cause a denial of service during the calls to safeApprove in the AMO contract. Impact The AMO contract uses the safeApprove function to grant the Curve pool permission to spend funds whil...

6.5AI score
Exploits0
Code423n4
Code423n4
added 2022/05/15 12:0 a.m.11 views

Lido adapter incorrectly calculates the price of the underlying token

Lines of code Vulnerability details Impact The Lido adapter incorrectly calculates the price of WETH in terms of WstETH. The function returns the price of WstETH in terms of stETH. The underlying token which we desire is WETH. Since stETH does not have the same value as WETH the output price...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/01/11 12:0 a.m.11 views

Lack of slippage checks during swap

Handle ye0lde Vulnerability details Impact Since the code does not use a minimum return value for swaps it is susceptible to sandwich attacks. More information here: Proof of Concept Here the code Calls Curve to convert the existing underlying balance into UST: / Calls Curve to convert the existi...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/10/30 12:0 a.m.9 views

No sanity check on pricePerShare might lead to lost value

Handle kenzo Vulnerability details pricePerShare is read either from an oracle or from ibBTC's core. If one of these is bugged or exploited, there are no safety checks to prevent loss of funds. Impact As pricePerShare is used to calculate transfer amount, a bug or wrong data which returns smaller...

6.9AI score
Exploits0
Rows per page
Query Builder