12 matches found
Frequent donations can cause DOS
Lines of code Vulnerability details Impact User's might be unable to withdraw pending rewards Proof of Concept If a donation is made before the checkpoint call in the same block, the checkpoint call will revert. This is done in order to prevent flash loans. function checkpoint external returns bo...
Extraordinary Funding proposal could be susceptible back-run
Lines of code Vulnerability details Impact An extraordinary proposal can be proposed, voted on, and executed within a single transaction, in the same block. As a result, an attacker with enough voting power to meet the conditions on their own could back-run a transaction to steal funds from the...
UniV3LpVault flash loans can become unavailable if a user didn't utilized the full limit
Lines of code Vulnerability details Impact If a user didn't utilized the whole amount on the first call, the flashFocusCall can fail for second and subsequent runs when params.asset is a token that use approval race protection. Placing severity to medium as flashFocusCall reverts in this case, an...
Extra fees paid for flash loans are unassigned
Handle 0x0x0x Vulnerability details Extra fees paid for flash loan are not included in total collected fees and they create excess balance which can be claimable by streamCreator. Extra fees should also get assigned to factory or atleast it should be clear that extra fees are for streamCreator...
[Pool] - Anyone can remove liquidity from Pools, allowing them to alter the price
Handle adelamo Vulnerability details Impact On the Pool.sol, the function removeForMember is public. Allowing anyone to call the method using an address of an LP in order to remove liquidity from the pools and return to the LP account. If we combine the ability to remove liquidity and being able ...
avoid paying insurance
Handle gpersoon Vulnerability details Impact It's possible to avoid paying insurance in the following way: once per hour at the right moment, do the following: ----using a flash loan, or with a large amount of tokens, call deposit of Insurance.sol to make sure that the pool is sufficiently filled...
Anyone can curate pools and steal rewards
Handle @cmichelio Vulnerability details Vulnerability Details The Router.curatePool and replacePool don't have any access restriction. An attacker can get a flash loan of base tokens and replace existing curated pools with their own curated pools. Impact Curated pools determine if a pool receives...
Anyone can list anchors / curate tokens
Handle @cmichelio Vulnerability details Vulnerability Details The Router.listAnchor function can be called by anyone and tokens can be added. The only check is that requireiPOOLSPOOLS.isAnchortoken; but this can easily be set by calling Pools.addLiquidityVADER, token, once even without actually...
Swap value can be manipulated allowing under-collateralized loans
Handle @cmichelio Vulnerability details Vulnerability Details When borrowing with synths as collateral the synth collateral value in base tokens is computed as baseValue = calcSwapValueInBaseiSYNTHcollateralAsset.TOKEN, collateralAdjusted;, i.e., the result of a trade of the underlying token to...
Default slippage value too high
Handle janbro Vulnerability details Summary Default slippage value too high. Risk Rating Medium Vulnerability Details MapleGlobals.sol Line 87: maxSwapSlippage = 1000; // 10 % The default slippage value of 10% is vulnerable to sandwich attackers which would shift larger costs onto stakers and LPs...
Incorrect Stability Assumption
Handle 0xsomeone Vulnerability details Impact An arbitrage opportunity presents itself whereby a user can exaggerate the discrepancy via flash loans between the USDC price reported and the actual USDC price to f.e. acquire a better rate for their loan. The impacted features of the system can be...
The First User To Borrow a Particular Token Can Drain Funds In MarginSwap by Making An Undercollateralized Borrow Using Flash Loans
Handle jvaqa Vulnerability details The First User To Borrow a Particular Token Can Drain Funds In MarginSwap by Making An Undercollateralized Borrow Using Flash Loans Impact This attack can be performed with any two ERC20 tokens, where one of them has not yet been borrowed on MarginSwap. Since an...