Lucene search
K

4 matches found

Code423n4
Code423n4
added 2022/10/30 12:0 a.m.17 views

SimpleERC20Escrow's initialize() can be frontrun

Lines of code Vulnerability details Impact The user's collateral is not held in the market contract but is instead held in individual escrows. Every user has a unique escrow for every market. And the escrow contracts are created via the Market contract's createEscrow function. And it's initialize...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/04/21 12:0 a.m.10 views

Index Minting and Redemption Can Be Frontrun

Lines of code Vulnerability details Impact According to the provided source code, the user must transfer the underlying asset to the contract prior to calling mint or the index token before to calling burn. If these two actions are performed on the difference block, it introduces the risk that...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/11/11 12:0 a.m.9 views

Users Can Frontrun revoke() By Calling vest()

Handle leastwood Vulnerability details Impact The onlyOwner role typically calls revoke if a member leaves the BootFinance team, resulting in vested tokens being transferred to the multisig account. Each vesting account has a revocable state variable that is set to either true or false. As any us...

7AI score
Exploits0
Code423n4
Code423n4
added 2021/09/15 12:0 a.m.14 views

Harvest can be frontrun

Handle 0xsanson Vulnerability details Impact In the NativeStrategyCurve3Crv.harvest there are two instances that a bad actor could use to frontrun the harvest. First, when we are swapping WETH to a stablecoin by calling swapTokensweth, stableCoin, remainingWeth, 1 the function isn't checking the...

6.8AI score
Exploits0
Rows per page
Query Builder