2 matches found
NO CHECK TO VERIFY THE ELEMENTS OF assetsAmounts[] ARRAY IS IN THE SAME ORDER AS assets[] ARRAY, IF MISCONFIGURED COULD BREAK THE INTERNAL ACCOUNTING OF SHARE CALCULATION
Lines of code Vulnerability details Impact In the ERC4626MultiToken.convertToShares function, assetsAmounts are used to calculate the shares to mint. Here the assetsAmounts are expected to be passed in the order of the assets array. If there is any misconfiguration in the order, then it will affe...
Bad accounting on ERC4626MultiToken.sol leads to user funds stuck in the contract
Lines of code Vulnerability details Summary Bad accounting on ERC4626MultiToken.sol leads to user funds stuck in the contract on deposit and withdraw logic. Vulnerability Detail The UlyssesToken unified liquidity tokens are derived from ERC4626Multitoken. This is an standard tokenized vault with...