2 matches found
Sanction Bypass Through Depositing to Authorized Borrower's Market
Lines of code Vulnerability details Impact Wildcat protocol provides lending with lender backed collateral considered as reserves and the ratio must be upheld by the borrower. The protocol team has taken certain steps to prevent interaction with sanctioned users. However, sanction status is only...
sendFundsToUser() does not verify that the user has deposited anything
Lines of code Vulnerability details Impact Users can request arbitrary amounts when requesting funds from the executor, because the deposit hash is not checked against actual deposits. The user can be the executor him/herself if they wish to rug-pull directly. Proof of Concept function...