Lucene search
K

9 matches found

Code423n4
Code423n4
added 2023/07/05 12:0 a.m.18 views

Slippage controls for calling bHermes contract's ERC4626DepositOnly.deposit and ERC4626DepositOnly.mint functions are missing

Lines of code Vulnerability details Impact mentions that "if implementors intend to support EOA account access directly, they should consider adding an additional function call for deposit/mint/withdraw/redeem with the means to accommodate slippage loss or unexpected deposit/withdrawal limits,...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/03/07 12:0 a.m.12 views

ReaperVaultERC4626.sol is not EIP-4626 compliant

Lines of code Vulnerability details Impact Other protocols integrated with Ethos Reserve may mistakenly assume that its function complies with EIP-4626. Therefore, this may lead to integration issues in the future, which could result in various problems for both parties. Proof of Concept All...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/03/07 12:0 a.m.8 views

Inexistent Slippage Evaluation

Lines of code Vulnerability details Impact The ecosystem of Ethos Reserve contains an EIP-4626 implementation of a vault meant to be integrated by its LUSD lending and borrowing system. As per the standard's Security Considerations itself, slippage checks need to be introduced at the integration...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/06/26 12:0 a.m.7 views

Upgraded Q -> H from 222 [1656255302682]

Judge has assessed an item in Issue 222 as High risk. The relevant finding follows: L-02 totalAssets of erc4626 should never revert eip-4626 According to the spec, totalAssets of erc4626 should never revert MUST NOT revert. wfcash would revert if it's matured but hasn't settled...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/06/26 12:0 a.m.7 views

Upgraded Q -> H from 104 [1656255316696]

Judge has assessed an item in Issue 104 as High risk. The relevant finding follows: L02: Incompatibility with ERC-4626 Line References Description The EIP-4626 specification requires that totalAssets to NOT revert, but the current implementation does so in the underlying methods: int256...

7AI score
Exploits0
Code423n4
Code423n4
added 2022/06/12 12:0 a.m.14 views

Deposit of wrappedFCash does not follow EIP 4626

Lines of code Vulnerability details Impact The deposit of wfCashERC4626 is not 4626 compatible. wfCashERC4626.solL168-L175 According to EIP4626 MUST revert if all of assets cannot be deposited due to deposit limit being reached, slippage, the user not approving enough underlying tokens to the Vau...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/04/19 12:0 a.m.13 views

StakedCitadel should implement EIP-4626

Lines of code Vulnerability details StakedCitadel should implement EIP-4626 StakedCitadel could be seen as an investment vault and therefore team should consider implementing the recent EIP-4626 standard, as it could enable a lot of potential integrations and would avoid having to deploy wrappers...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/02/23 12:0 a.m.12 views

IERC4626RouterBase - withdraw - slippage does not work

Lines of code Vulnerability details Impact The router does not have the intended behavior: according to the EIP , withdraw burn shares to withdraw exactly assets, so the slippage protection should protect the user from burning too many shares. Furthermore, comments in the interface are incorrect ...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/02/23 12:0 a.m.14 views

TurboSafe - should override maxWithdraw and maxRedeem

Lines of code Vulnerability details Impact Considering the EIP , as withdraw must revert if it is not possible to withdraw assets , it is important to have an accurate maxWithdraw function. However, here, maxWithdraw does not account for the current max withdrawal in the cToken contract. Liquidit...

6.7AI score
Exploits0
Rows per page
Query Builder