3 matches found
Possible lost msg.value
Lines of code Vulnerability details In call submit can will send value and the asset can be an ERC20!= address0, if frxETHMinter.sol contract receive this call the fouds will lost. Recommended Mitigation Steps In frxETHMinter, submit function: Check if the msg.value is zero when the asset is...
Migration Module: After successful migration, ERC20 assets can be thrown away by anyone
Lines of code Vulnerability details Impact HIGH - Assets can be lost directly After proposal and proposed buyout is successful, anyone can transfer ERC20 asset in the vault to the zero address and the asset will be lost. Proof of Concept proof of concept: testAnyoneCanThrowERC20poc The proof of...
Incompatibility With Rebasing/Deflationary/Inflationary tokens
Handle 0xRajeev Vulnerability details Impact WildCredit allows the permissionless listing of any ERC20 assets/pairs to be used in the protocol. Some of these tokens could charge a fee, add a reward or rebase over time. However, the protocol does not have the required support to handle such tokens...