Lucene search
K

12 matches found

Code423n4
Code423n4
added 2023/10/06 12:0 a.m.6 views

users funds will be stuck in the BaseBranchRouter when making deposit

Lines of code Vulnerability details Impact Users are debited twice the intended amount of every underlying token deposit made at the branch port while locking deposits into the branch port. The first deposit is transferred into the BaseBranchRouter and the second into the BranchPort. The funds...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2023/07/14 12:0 a.m.13 views

Deposit transaction is prone to being front-run by bad actors.

Lines of code Vulnerability details Impact It is possible for an attacker to front-run a user's deposit transaction while transferring fewer amount of assets than the user and minting an equivalent amount of shares as the user could have. Proof of Concept The scenario described below is for the...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/02/07 12:0 a.m.16 views

FIRST ERC4626 DEPOSIT CAN BE EXPLOITED ON SHARE CALCULATION

Lines of code Vulnerability details Impact As also encountered by Uniswap V2 and other protocols, the first depositor of an ERC4626 vault can maliciously manipulate the share price by depositing as low as 1 wei of liquidity prior to deliberately inflating ERC4626.totalAssets to as high as 1:1e18...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/11/28 12:0 a.m.8 views

user fund lose in deposit() of PirexERC4626 contract because A MALICIOUS EARLY USER/ATTACKER CAN MANIPULATE THE VAULT’S PRICEPERSHARE TO TAKE AN UNFAIR SHARE OF FUTURE USERS’ DEPOSITS

Lines of code Vulnerability details Impact This is a well-known attack vector for new contracts that utilize pricePerShare for accounting. Attacker can cause totalAssets / totalSupply ratio to go as high as he wants and then because of rounding error in convertToShares lower amount of share would...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/11/28 12:0 a.m.9 views

Deposit can be front-runned

Lines of code Vulnerability details Impact The depositor who got frontrun by the attacker will lose all their funds. And all the future depositors. An attacker can front run the first user's deposit and transfer tokens to the vault directly causing all future depositors to lose all their funds...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/09/19 12:0 a.m.8 views

[NAZ-H1] First depositor can break minting of shares

Lines of code Vulnerability details Impact The attack vector and impact is the same as TOB-YEARN-003, where users may not receive shares in exchange for their deposits if the total asset amount has been manipulated. Proof of Concept In SemiFungibleVault.solL143, the allocation of shares is...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/04/13 12:0 a.m.6 views

[WP-H5] yVault.sol A malicious early user/attacker can manipulate the vault's pricePerShare to take an unfair share of future users' deposits

Lines of code Vulnerability details function deposituint256 amount public noContractmsg.sender requireamount 0, "INVALIDAMOUNT"; uint256 balanceBefore = balance; token.safeTransferFrommsg.sender, addressthis, amount; uint256 supply = totalSupply; uint256 shares; if supply == 0 shares = amount; el...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/03/15 12:0 a.m.10 views

Can deposit native token for free and steal funds

Lines of code Vulnerability details Impact The depositErc20 function allows setting tokenAddress = NATIVE and does not throw an error. No matter the amount chosen, the SafeERC20Upgradeable.safeTransferFromIERC20UpgradeabletokenAddress, sender, addressthis, amount; call will not revert because it...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/01/29 12:0 a.m.7 views

Lack of slippage protection on minting sNOTE from underlying assets.

Handle TomFrenchBlockchain Vulnerability details Impact Users minting sNOTE from ETH, WETH or NOTE can receive significantly less sNOTE than they expect. Minting from BPT is unaffected. Proof of Concept sNOTE allows users to deposit NOTE, ETH or WETH as a single-asset deposit into the NOTE-WETH...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/01/13 12:0 a.m.18 views

Initial pool deposit can be stolen

Handle cmichel Vulnerability details Note that the PoolTemplate.initialize function, called when creating a market with Factory.createMarket, calls a vault function to transfer an initial deposit amount conditions1 from the initial depositor references4: // PoolTemplate function initialize string...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/01/12 12:0 a.m.15 views

Re-entrancy in _createDeposit allows stealing tokens

Handle cmichel Vulnerability details The Vault.createDeposit function first caches the current total shares and underlying, and then iterates over all claims using a call to createClaim. Only afterwards, does it pull in the required total amount in the deposit. function depositDepositParams...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2021/10/27 12:0 a.m.6 views

MochiVault.sol Potential griefing attack by depositing 0 to target's position

Handle WatchPug Vulnerability details MochiVault.solwithdraw is using the wait modifier to prevent withdraw within delay duration from lastDeposit. However, MochiVault.soldeposit allows anyone to deposit to a specific position. This enables the attacker to initiate a griefing attack by depositing...

6.9AI score
Exploits0
Rows per page
Query Builder