4 matches found
Unintended code path execution by modifying user controlled input
Lines of code Vulnerability details Impact Unintended code path execution by modifying user controlled input. The deal maker gets to pick if buyer or seller matching policy are executed. The actual impact of this vulnerability would depend on the matching policy. Any where from wasted gas to loss...
The setupExecution is reentrancy attack vulnerable
Lines of code Vulnerability details Impact The setupExecution can be re-entered by calling bulkExecute inside an execution. Because the global state remainingETH and isInternal are modified reset to 0 and flase after the latter reentrant call, the previous call is affected: 1. all subsequent...
Initialization function can be front-run
Lines of code Vulnerability details Detailed description of the impact of this finding: Exchange.sol has initialization function that can be front-run, allowing an attacker to incorrectly initialize the contract. Due to the use of the delegatecall proxy pattern, Exchange.sol cannot be initialized...
calculateLiquidityTokenFees returns zero fee
Handle sirhashalot Vulnerability details Impact The MathLib.sol calculateLiquidityTokenFees function returns a non-zero fee quantity only if rootK rootKLast. The rootK and rootKLast values are calculated from the same values, so this will never occur. This will result in the DAO never receiving a...