4 matches found
there's missing check for _metadataURI in createNewShare
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept function createNewShare string memory shareName, address bondingCurve, string memory metadataURI external onlyShareCreator returns uint256 id requirewhitelistedBondingCurvesbondingCurve...
Unchecked math in LBToken.sol may cause overflow
Lines of code Vulnerability details Impact Affected code: Currently the safeTransferFrom function in LBToken.sol calls transfer which performs unchecked math to deal with user balances. This is what happens: unchecked balancesidfrom = fromBalance - amount; balancesidto = toBalance + amount; While...
Assets can be transferred to zero address on operational mistake
Lines of code Vulnerability details It is possible to withdraw all the assets after Buyout before settleVault was run and newVault created as asset transfer functions do not check the address. Proof of Concept /// @notice Migrates an ERC-20 token to the new vault after a successful migration ///...
Taker can provide several instances of the cheapest ERC-1155 item in a multi item bundle
Lines of code Vulnerability details Maker bid for a bundle of ERC-1155 items can be tricked into successful execution by providing several instances of the cheapest item instead of the required bundle. This way a malicious taker can receive full maker's price, providing several instances of the...