4 matches found
Malicious user can create a dummy Lendgine contract by mimicing a salt with same encoding format but using a malicious AMM invariant function
Lines of code Vulnerability details Impact Lendgine contract address is created using a salt that is generated by a hash of pool parameters in Factory.sol. A malicious user can create a Lendgine exploit contract that uses the salt generated by exact same encoding but this contract inherits a Pair...
Choosing a cheap gas lane may result in no winners
Lines of code Vulnerability details Impact The drawer can choose whichever gas lanekeyHash they like. Giving this choice to the drawer may result in no winners if the network is congested and the drawer chooses a cheap gas lane. Recommended Mitigation Steps Check the options of keyHashes that can...
Owner can steal all Basket funds during auction
Handle 0xsanson Vulnerability details Impact The owner of Factory contract can modify the values of auctionMultiplier and auctionDecrement at any time. During an auction, these values are used to calculate newRatio and thereby tokensNeeded: specifically, it's easy to set the factory parameters so...
anyone can call function sponsor
Handle pauliax Vulnerability details Impact This function sponsor should only be called by the factory, however, it does not have any auth checks, so that means anyone can call it with an arbitrary sponsorAddress address and transfer tokens from them if the allowance is 0: /// @notice ability to...