both order side positions don’t exist is not checked

Lines of code Vulnerability details Impact The flow in fillOrder as documented in expects the check order side positions doesn't exist . However the fillOrder function does not have a require check for this. This allows for the same side positions to be created multiple times leading to loss of...

Returned Value not checked when Depositing Eth

Lines of code Vulnerability details Impact In fillorder function, when eth is converted to weth, at line 335, it deposit the msg.value here. But it does not check the return value if the call succeeded. Proof of Concept IWETHweth.depositvalue: msg.value; Tools Used Visual Studio Code Recommended...

Attacker may front-run acceptCounterOffer() cause users to take both original order and new one

Lines of code Vulnerability details Impact Function PuttyV2.acceptCounterOffer is used in case users see better deal and want to cancel their own order before filling the new one. But attacker can abuse this function by front-run calling fillOrder before it is cancelled in acceptCounterOffer...