Lucene search
K

4 matches found

Code423n4
Code423n4
added 2022/12/21 12:0 a.m.8 views

Faulty fee handling in buyAndReduceDebt

Lines of code Vulnerability details Impact When passing fee params to buyAndReduceDebt with swapFeeTo and swapFeeBips, the PaprController will try to send the underlying token on the following line: underlying.transferparams.swapFeeTo, amountIn params.swapFeeBips / BIPSONE; But in a normal state,...

6.6AI score
Exploits0
Code423n4
Code423n4
added 2022/06/03 12:0 a.m.10 views

RewardHandler.burnFees() could fail depending on number of pools with underlying = address(0)

Lines of code Vulnerability details Impact If more than one pool has underlying = address0 then RewardHandler.burnFees will fail or use ETH balance from FeeBurner.sol. Proof of Concept RewardHandler.solL40-L50 uint256 ethBalance = addressthis.balance; address memory tokens = new address; for...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/10/06 12:0 a.m.10 views

fee possibly send in the wrong way in exitVaultFillingVaultInitiate

Handle gpersoon Vulnerability details Impact The functions exitZcTokenFillingZcTokenInitiate and exitVaultFillingVaultInitiate are kind of similar, however the processing of the fee is different. exitZcTokenFillingZcTokenInitiate send the fee from o.maker exitVaultFillingVaultInitiate sends the f...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/09/29 12:0 a.m.9 views

HybridPool's flashSwap sends entire fee to barFeeTo

Handle cmichel Vulnerability details The HybridPool.flashSwap function sends the entire trade fees fee to the barFeeTo. It should only send barFee fee to the barFeeTo address. Impact LPs are not getting paid at all when this function is used. There is no incentive to provide liquidity. Recommende...

7AI score
Exploits0
Rows per page
Query Builder