2 matches found
Owner may lose funds if Minipool is recreated before funds are withdrawn
Lines of code Vulnerability details The createMinipool function of the MinipoolManager contract can be used to reinitialize an existing minipool and potentially lose user funds. If the given nodeID has an existing minipool index, then the state for the minipool is reset: if minipoolIndex != -1...
Aliasing L1 sender on L2
Lines of code Vulnerability details Impact If a contract on L1 has the same address as a contract on L2 but doesn't have the same code, we will have a critical issue, as funds will be lost. Proof of Concept Both Optimism and Arbitrum implements applyL1ToL2Alias / undoL1ToL2Alias logic to prevent ...