Lucene search
K

8 matches found

Code423n4
Code423n4
added 2023/09/11 12:0 a.m.6 views

Lack of access control lets anyone rescind any delegate token

Lines of code Vulnerability details Impact There is no access control for the function rescind, thus 1 it lets anyone rescind any token, either he is the owner or not and 2 the documentation does not adhere to the current implementation. Proof of Concept The documentation above the definition of...

7.2AI score
Exploits0
Code423n4
Code423n4
added 2023/09/11 12:0 a.m.8 views

No protection against conduit front-running

Lines of code Vulnerability details Impact A malicious conduit could front-run and prevent the transfer Proof of Concept The conduit is trusted to conduct the transferFrom in the resulting order. A malicious conduit could front-run and prevent the transfer. calculateOrderHash: This uses the condu...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/09/11 12:0 a.m.7 views

flashloan() allows both owner and approver to call

Lines of code Vulnerability details Impact Allowing the borrower to borrow more than the current limit Proof of Concept As we can see ,flashloan uses StorageHelpers.revertNotOperator to check if the msg.sender has permissions to call. function flashloanStructs.FlashInfo calldata info external...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/09/11 12:0 a.m.7 views

Incorrect delegate token URI in MarketMetadata.sol.

Lines of code Vulnerability details Impact Web3 logic may be error prone by the wrong delegate token URL. Proof of Concept In DelegateToken.tokenURL, MarketMetadata.delegateTokenURI is called. MarketMetadata.delegateTokenURI is as follows. File: MarketMetadata.sol 37: function...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/09/11 12:0 a.m.5 views

Impossible for the owner to change rights

Lines of code Vulnerability details Impact An escrowed token's rights can not be altered once it has been placed in escrow. When a user creates a delegate token and principal token, they set the rights. Rights such as "" and flashloan grant the ability to use the flashloan function. If the delega...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/09/11 12:0 a.m.7 views

delegate ID could differ from the expected order hash if the order hash was manipulated

Lines of code Vulnerability details Impact A malicious user could create an order hash that does not match the actual order data. When the delegate token is created, the actualDelegateId will be different than the requestedDelegateId calculated from the manipulated createOrderHash. But the check...

7AI score
Exploits0
Code423n4
Code423n4
added 2022/08/01 12:0 a.m.9 views

Possible to delegate same token

Lines of code Vulnerability details Impact It's possible to call delegatetokenId1, tokenId2 using the same token tokenId1 multiple times. The previous delegated value isn't deleted, and all delegations stack up. This way tokenId2 will have all these tokens as delegated:...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/05/30 12:0 a.m.6 views

Upon burn, token is not removed from delegate token list

Lines of code Vulnerability details VotingEscrew burn function does not remove the token from the token's delegate token list. Impact Wrong voting results. Delegate's votes will be inflated. Proof of Concept When minting a token, it is added to the owner's delegate using moveTokenDelegates:...

6.8AI score
Exploits0
Rows per page
Query Builder