Lucene search
+L

4 matches found

Code423n4
Code423n4
•added 2022/06/24 12:0 a.m.•12 views

Buys/sells will be front-run by MEV bots

Lines of code Vulnerability details Impact Since the value of the vault depends on the Bancor formula, it's important that transactions can't be front-run, because doing so, even for small amounts, will change the valuation price for subsequent buys/sells. The link the sponsor provided describes...

6.8AI score
Exploits0
Code423n4
Code423n4
•added 2022/02/06 12:0 a.m.•8 views

Seven ways in which the Owner and Proxy Admin can make users lose funds ("rug vectors")

Lines of code Vulnerability details The contest explicitly asks to analyze the contract for "Rug Vectors", so that is what this issue is about. note to reviewers This issue list maybe 7 different problems and recommends different fixes. I could have made seven separate issues for each, but it wou...

6.8AI score
Exploits0
Code423n4
Code423n4
•added 2021/11/11 12:0 a.m.•7 views

Missing access restriction on Vesting.updateVestedTokens

Handle cmichel Vulnerability details The FSDVesting.updateVestedTokens function is supposed to be called by the FDS contract only which also mints tokens to the contract. However, it does not have any access restrictions which leads to circumventing the vesting and further griefing attacks. POC...

7AI score
Exploits0
Code423n4
Code423n4
•added 2021/10/30 12:0 a.m.•9 views

Incorrect calculation of initialBalance in Slingshot.executeTrades()

Handle daejunpark Vulnerability details Impact The Slingshot.executeTrades incorrectly calculates initialBalance when toToken == nativeToken. It should have been the balance of wrapped native tokens e.g., WETH, rather than that of native currencies e.g., Ether. This incorrect behavior introduces...

7AI score
Exploits0
Rows per page
Query Builder