Lucene search
K

3 matches found

Code423n4
Code423n4
added 2023/01/20 12:0 a.m.11 views

function withdraw() in StRSR won't update contract state (totalDrafts) in all cases which can cause wrong fund distribution and fund stucking in the contract

Lines of code Vulnerability details Impact Function withdraw complete an account's unstaking. it transfers user draft withdrawals and updates totalDrafts. but when calculated rsrAmount is 0 code returns and won't updates totalDrafts which can cause wrong calculations as those draft items removed...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/12/12 12:0 a.m.10 views

position's wrong profit and loss or incorrect distribution of funds in contract PrePoMarket because it doesn't consider expiryTime for setting the value of finalLongPayout and calculating redeem amounts based on positions and Markets never expire

Lines of code Vulnerability details Impact according to the docs: "The expiry date of the market. If a market has not settled by its expiry date, it will automatically settle at the lower bound of its Valuation Range." but Contract PrePOMarket doesn't consider expiryTime in its logic and...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/06/16 12:0 a.m.13 views

reentrancy by _harvest() and _deposit() code in the middle of claimBribesFromHiddenHand() external calls to tokens and change balances of AURA token so claimBribesFromHiddenHand() make wrong transfers and fund would be lost

Lines of code Vulnerability details Impact Function claimBribesFromHiddenHand makes some external calls to token lists which fetches from hiddenHandDistributor.rewards if AURA was on of those tokens and also one of those tokens were malicious or made some external call then it's possible to reent...

6.9AI score
Exploits0
Rows per page
Query Builder