2 matches found
Anyone can call Well.sol skim method and transfer excessive tokens to its address.
Lines of code Vulnerability details Impact Excessive tokens balance of Well.sol more than returned from getReserves can be transferred by anyone to his account. Proof of Concept After getting hold token's instances from Well.sol contract tokens we can check the balances of Contract of Each token...
NO ACCESS CONTROL IN THE Well.skim() EXTERNAL FUNCTION
Lines of code Vulnerability details Impact The Well.skim external function is used to transfer the excess tokens held by the Well to recipient. But there is no access control in this function and hence anyone can call this function. Therefore this function allows any arbitory user recieve the...