4 matches found
BADGER bribes can not be claimed
Lines of code Vulnerability details sendBadgerToTree will send BADGER twice and therefore fail. It is sending it to the BADGERTREE in sendBadgerToTree, and then continues to send the same amount to the vault in processExtraToken. Impact BADGER rewards cannot be claimed. The contract is trying to...
Double transfer in the transferAndCall function of ERC677
Handle shw Vulnerability details Impact The implementation of the transferAndCall function in ERC677 is incorrect. It transfers the value amount of tokens twice instead of once. Since the Flan contract inherits ERC667, anyone calling the transferAndCall function on Flan is affected by this...
Assets are transferred if the execute call fails
Handle shw Vulnerability details Impact When the user calls fulfill with a non-zero callTo parameter, the TransactionManager tries to call execute on callTo, and if the function call fails, the manager transfers toSend amount of receiving assets to receivingAddress. However, since the assets may...
The fallback receiver address could get twice the toSend amount
Handle s1m0 Vulnerability details In that block of code there are 2 external call inside a try/catch statements. In both the catch the toSend amount is transferred to the fallback receiver address effectively transferring twice if the 2 external call fail. Impact In the fulfill function the...