8 matches found
asD.sol::mint & asDFactory.sol::create allows an attacker to mint legitimate aSD with counterfeit underlying $NOTE
Lines of code Vulnerability details Impact When creating an aSD token using create from the asDFactory.sol, there's the cNote address reference to specify and set. A malicious user can deploy a counterfeit NOTE underlying token that isn't legit or backed by anything and set/reference it as...
DoS of liquidation
Lines of code Vulnerability details Impact The lender can be prevented from liquidating the borrower, at negligible cost to the borrower. Proof of Concept When the borrower is insolvent the lender can liquidate him by withdrawEthWithInterestlien, lienId. The parameters are verified by the modifie...
Calling ParticleExchange.sellNftToMarket, ParticleExchange.swapWithEth, and ParticleExchange.refinanceLoan functions can allow insolvent positions to be opened
Lines of code Vulnerability details Impact When calling the following ParticleExchange.sellNftToMarket function, it is possible to input amount and msg.value, which can sum up to lien.price and make credit equal 0. Although credit of lienslienId is 0 in this case, calling the...
PROTOCOL MIGHT NOT BE ABLE TO OPERATE DUE TO LACK OF FUNDS
Lines of code Vulnerability details Impact Redeem/withdraw functionality will fail under certain conditions and users who want to redeem/withdraw their AVAX will not be able to. Proof of Concept Users stake their AVAX and in return get ggAVAX. The AVAX provided by the users is then staked by the...
Able to remove all collateral after borrow
Lines of code Vulnerability details Assuming to borrow asset tokens from a pair contract a user must first deposit collateral tokens. After they deposit collateral tokens their userCollateralBalance increases and they can then call borrowAsset to receive asset tokens from the contract. The...
Migration's withdrawContribution ignores the exchange between fractional tokens and ETH happened during Buyout attempt
Lines of code Vulnerability details withdrawContribution aims to return the funds to Migration participants. However, it uses initial userProposalFractionsproposalIdmsg.sender and userProposalEthproposalIdmsg.sender records for withdrawal accounting. Real funds structure is different after Buyout...
NonCustodialPSM can become insolvent as CPI index rises
Lines of code Vulnerability details Impact NonCustodialPSM mints and redeems VOLT to a chosen stablecoin at the current market rate minus a fixed fee. It is assumed that the difference to be covered with pcvDeposit funds. That assumption is similar to one used in FEI protocol, but there no rate...
System Debt Is Not Handled When Insurance Pools Become Insolvent
Handle leastwood Vulnerability details Impact If an incident has occurred where an insurance policy is to be redeemed. The market is put into the MarketStatus.Payingout mode where the insurance.insured account is allowed to redeem their cover and receive a payout amount. Upon paying out the...