4 matches found
Faulty fee handling in buyAndReduceDebt
Lines of code Vulnerability details Impact When passing fee params to buyAndReduceDebt with swapFeeTo and swapFeeBips, the PaprController will try to send the underlying token on the following line: underlying.transferparams.swapFeeTo, amountIn params.swapFeeBips / BIPSONE; But in a normal state,...
RewardHandler.burnFees() could fail depending on number of pools with underlying = address(0)
Lines of code Vulnerability details Impact If more than one pool has underlying = address0 then RewardHandler.burnFees will fail or use ETH balance from FeeBurner.sol. Proof of Concept RewardHandler.solL40-L50 uint256 ethBalance = addressthis.balance; address memory tokens = new address; for...
fee possibly send in the wrong way in exitVaultFillingVaultInitiate
Handle gpersoon Vulnerability details Impact The functions exitZcTokenFillingZcTokenInitiate and exitVaultFillingVaultInitiate are kind of similar, however the processing of the fee is different. exitZcTokenFillingZcTokenInitiate send the fee from o.maker exitVaultFillingVaultInitiate sends the f...
HybridPool's flashSwap sends entire fee to barFeeTo
Handle cmichel Vulnerability details The HybridPool.flashSwap function sends the entire trade fees fee to the barFeeTo. It should only send barFee fee to the barFeeTo address. Impact LPs are not getting paid at all when this function is used. There is no incentive to provide liquidity. Recommende...