Lucene search
+L

11 matches found

Code423n4
Code423n4
added 2022/08/17 12:0 a.m.13 views

Not calling approve(0) before setting a new approval might cause reverts when used with Tether (USDT)

Lines of code Vulnerability details Impact Some tokens do not implement the ERC20 standard properly but are still accepted by most code that accepts ERC20 tokens. For example Tether USDT's approve function will revert if the current approval is not zero, to protect against front-running changes o...

7AI score
Exploits0
Code423n4
Code423n4
added 2022/08/17 12:0 a.m.22 views

Chainlink oracle lacks proper validation

Lines of code Vulnerability details Impact Calls to the Chainlink price oracle via latestRoundData in FraxlendPairCore.sol use the correct function latestRoundData per Chainlink's documentation, but lack the recommended validations to ensure that the round is complete and does not return stale...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/08/17 12:0 a.m.13 views

Chainlink’s latestRoundData might return stale or incorrect results

Lines of code Vulnerability details Impact On ChainlinkPriceOracle.sol, we are using latestRoundData, but there is no check if the return value indicates stale data. Proof of Concept File: contracts/FraxlendPairCore.sol , int256 answer, , , = AggregatorV3InterfaceoracleMultiply.latestRoundData; ,...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/08/17 12:0 a.m.11 views

Even if the _isBorrowerWhitelistActive is not active, contract can get deployed if _maxLTV < LTV_PRECISION

Lines of code Vulnerability details Impact FraxlendPairCore can get deployed even if isBorrowerWhitelistActive is not active. Proof of Concept if maxLTV = LTVPRECISION && !isBorrowerWhitelistActive revert BorrowerWhitelistRequired; The above condition revert when both condition is true. Incase,...

7AI score
Exploits0
Code423n4
Code423n4
added 2022/08/17 12:0 a.m.18 views

Able to remove all collateral after borrow

Lines of code Vulnerability details Assuming to borrow asset tokens from a pair contract a user must first deposit collateral tokens. After they deposit collateral tokens their userCollateralBalance increases and they can then call borrowAsset to receive asset tokens from the contract. The...

6.6AI score
Exploits0
Code423n4
Code423n4
added 2022/08/17 12:0 a.m.7 views

Oracle price could not be fresh

Lines of code Vulnerability details Vulnerability In FraxlendPairCore.updateExchangeRate, we are using latestRoundData, but there are no validations that the data is not stale. The current code is: , int256 answer, , , = AggregatorV3InterfaceoracleMultiply.latestRoundData; if answer = round, "Sta...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/08/17 12:0 a.m.15 views

No Return Data Checks on Chainlink's latestRoundData() Might Return Stale Prices

Lines of code Vulnerability details Impact The updateExchangeRate function of FraxlendPairCore contract gets price using chainlink latestRoundData function. However it lacks the check on the return data and this might lead to stale prices. Proof of Concept ./FraxlendPairCore.sol:524: , int256...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/08/17 12:0 a.m.10 views

ERC20.approve can be error prone. It is known issue. ERC20.sol could not be safe.

Lines of code Vulnerability details Impact ERC20 - approve is not safe. Proof of Concept For approve, the entire contract depend on ERC20.approve assetContract.approveswapperAddress, borrowAmount; collateralContract.approveswapperAddress, collateralToSwap; Refer following articles for this issue...

7AI score
Exploits0
Code423n4
Code423n4
added 2022/08/17 12:0 a.m.11 views

Borrower can pay very little collateral for a huge amount of more valuable asset.

Lines of code Vulnerability details Impact When an approved borrower calls borrowAsset , they are able to borrow as much asset as possible and passing the user controlled collateralAmount input with a lesser value worth of collateral. For example, a user can pay 1 USDC collateral and receive 1000...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/08/17 12:0 a.m.7 views

Approved Borrower can borrow asset without paying collateral

Lines of code Vulnerability details Impact When an approved borrower calls borrowAsset , they are able to borrow as much asset as possible without pass the user controlled collateralAmount input as 0. This would allow the borrower to not pay any collateral and receive the borrowAmount Proof of...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/08/17 12:0 a.m.12 views

Possible frontrunning attack in Vault.

Lines of code Vulnerability details Impact First depositor will have the control of the vault and drain user funds. Proof of Concept The project uses VaultAccount.sol library for math implementations. To determine the number of shares to mint to a depositor, shares = amount total.shares /...

6.7AI score
Exploits0
Rows per page
Query Builder