Lucene search
+L

7 matches found

Code423n4
Code423n4
added 2023/12/21 12:0 a.m.21 views

Dangerous use of deadline parameter

Lines of code Vulnerability details Summary The protocol is using block.timestamp as the deadline argument while interacting with the Uniswap NFT Position Manager, which completely defeats the purpose of using a deadline. Impact Actions in the Uniswap NonfungiblePositionManager contract are...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2023/12/21 12:0 a.m.11 views

Signature Verification for voteForManyWithSig Function

Lines of code Vulnerability details Potential Risk: The voteForManyWithSig function in the CultureIndex contract allows users to vote on multiple pieceIds using a provided signature. While it attempts to verify the signature, there are some potential risks associated with signature verification...

7.4AI score
Exploits0
Code423n4
Code423n4
added 2023/07/07 12:0 a.m.7 views

SWAP TRADES COULD BE EXECUTED AT A LATER POINT IN TIME BY THE MINERS, IF deadline == 0

Lines of code Vulnerability details Impact The Swapper.swapExactInput external function, has the deadline parameter to control the execution time of the swap transaction. If the block.timestamp has elapsed the deadline given the transaction will revert as per the implementation in the...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2023/07/05 12:0 a.m.15 views

Interactions with Pool do not use valid deadlines for operations

Lines of code Vulnerability details Impact Miner can potentially hold the transaction which results in loss of funds for users. Proof of Concept File: TalosBaseStrategy.sol liquidityDifference, amount0, amount1 = nonfungiblePositionManager.increaseLiquidity...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/06/23 12:0 a.m.9 views

There is no deadline for swaps

Lines of code Vulnerability details Impact If the receiver that is specified in the IBC callback doesn't have enough tokens for interacting with the Canto network defaults at 4 CANTO, then the middleware is going to swap the tokens for some CANTO tokens on the Canto network and convert the rest t...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/06/23 12:0 a.m.11 views

Lack of deadline parameter when executing swaps

Lines of code Vulnerability details Impact Deadline is not checked. The transaction may stay unexecuted for a long time, resulting in unfavourable trade when the transaction is finally executed. Proof of Concept The function OnRecvPacket is used to help users outside of Canto onboard seamlessly...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/05/22 12:0 a.m.11 views

JBXBuybackDelegate.didPay() allows for positive slippage theft

Lines of code Vulnerability details Impact The JBXBuybackDelegate.didPay calls swap which utilizes the Uniswap's swap function. JBXBuybackDelegate incorporates a negative slippage check in uniswapV3SwapCallback. However, it fails to consider the deadline parameter of the transaction. The deadline...

6.8AI score
Exploits0
Rows per page
Query Builder