Lucene search
+L

5 matches found

Code423n4
Code423n4
added 2023/03/20 12:0 a.m.12 views

Short positions can be burned while holding collateral

Lines of code Vulnerability details Impact Users can permanently lose a portion of their collateral due to a malicious attacker or their own mistake. Vulnerability Details In the ShortToken contract, adjustPosition is used to handle changes to a short position's short or collateral amounts. The...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/11/14 12:0 a.m.18 views

Reentrancy attack can be used to externally call the _execute function in the Exchange contract

Lines of code Vulnerability details Reentrancy attack can be used to externally call the execute function in the Exchange contract The execute function present in the Exchange contract is intended to be called only internally using delegatecall by the execute and bulkExecute functions. This is...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2022/11/14 12:0 a.m.9 views

Anyone can take the remaining ETH in the Exchange (proxy) contract

Lines of code Vulnerability details Impact Anyone can take the remaining ETH in the Exchange proxy contract Proof of Concept Because returnDust just send all ETHs of the Exchange balance to caller, anyone can call bulkExecuteexecutions with 1wei and an empty executions list to drain the contract:...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/11/14 12:0 a.m.4 views

On _returnDust, call opcode's return value not checked

Lines of code Vulnerability details Impact The call opcode's return value not checked, which could leads to the originator lose funds. Proof of Concept The caller of Exchange.sol::execute or Exchange.sol::bulkExecute could be a contract who may not implement the fallback or receive function, when...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/11/14 12:0 a.m.13 views

Recipients Can Steal Remaining ETH from Exchange

Lines of code Vulnerability details Impact This vulnerability allows recipients to reenter the Exchange contract, stealing remaining ETH. When a batch of orders are matched using the bulkExecute method a malicious recipient of assets may reenter the bulkExecute method, stealing ETH that would've...

7.2AI score
Exploits0
Rows per page
Query Builder