3 matches found
[ADRIRO-NEW-H-01] VotiumStrategy withdrawal can still be executed with minimal delay
Lines of code Vulnerability details Summary Within the mitigation changes, the sponsor has introduced a minimum delay of one epoch for VotiumStrategy withdrawals, in order to mitigate different issues related to the exposure to CVX . The fix contains an edge case which could still be used to make...
M-05 Unmitigated
Lines of code Vulnerability details Mitigation of M-05: Mitigation Error, see comments Link to Issue: code-423n4/2023-09-asymmetry-findings45 Comments To mitigate M-05, the sponsor has added a delay of one epoch when the available CVX balance is enough to cover the withdrawal: 81: uint256...
[ADRIRO-NEW-M-05] Rewarder should not be allowed to apply rewards on CVX tokens
Lines of code Vulnerability details Summary The rewarder role should not be allowed to modify the balance of CVX tokens when applying rewards, otherwise the internal CVX balance tracking could get out of sync with major consequences for the protocol. Impact The introduction of internal CVX balanc...