Lucene search
+L

150 matches found

Code423n4
Code423n4
added 2023/07/03 12:0 a.m.14 views

In LybraStETHVault.sol (LybraEUSDVaultBase.sol) a user could rigid redeem an amount more than their deposited collateral when the collateral ratio of the user goes below 100% even if they have been super-liquidated.

Lines of code Vulnerability details Impact If the collateral ratio of a user goes below 100%, the user would be able to redeem all of their eUSD for a collateral amount greater than their depositedAssetuser even after they have been super-liquidated. For eg, let us say we have a user X. Now, in...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/07/03 12:0 a.m.14 views

User with bad collateralization ratio less than 125 cent can bypass super liquidation

Lines of code Vulnerability details Impact Users with a bad collateralization ratio such as less than 1251e15 can bypass super liquidation by just getting liquidated normally with the help of malicious liquidators/keepers where they might lose at most only 50% of their deposited collateral instea...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/07/03 12:0 a.m.9 views

Keepers are allowed to use the full EUSD balance of any provider to liquidate funds

Lines of code Vulnerability details Impact Keepers are allowed to use the full EUSD balance of any provider to liquidate funds. Normally, the keeper should only be allowed to use max of the amount that the provider approves to LybraStETHVault. But the check only checks if the provider gives an...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/06/14 12:0 a.m.15 views

Blacklisted Address Can Exploit the Exchange

Lines of code Vulnerability details Impact Addresses that are blacklisted for popular ERC20 tokens such as USDC, USDT can be leveraged to exploit the exchange in a number of ways. These addresses cannot be liquidated in any case where they would be transferred back a leftover collateral amount in...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/06/02 12:0 a.m.6 views

DoS of liquidation

Lines of code Vulnerability details Impact The lender can be prevented from liquidating the borrower, at negligible cost to the borrower. Proof of Concept When the borrower is insolvent the lender can liquidate him by withdrawEthWithInterestlien, lienId. The parameters are verified by the modifie...

6.5AI score
Exploits0
Code423n4
Code423n4
added 2023/06/02 12:0 a.m.9 views

Borrowers can still close loan normally while being defaulted

Lines of code Vulnerability details Borrowers can still close loan normally while being defaulted A borrower can repay a loan normally while having outstanding debt and close it causing losses to the lender. Impact Loans in the Particle protocol are subject to an interest rate defined by the...

6.6AI score
Exploits0
Code423n4
Code423n4
added 2023/06/02 12:0 a.m.10 views

Borrower can block being defaulted or auctioned

Lines of code Vulnerability details Borrower can block being defaulted or auctioned The borrower can potentially block the liquidation and auction processed by using a contract and reverting on ETH transfers. Impact When a loan is being liquidated or auctioned, any credit still available to the...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/06/02 12:0 a.m.15 views

Borrower cannot stop loss when fungibility breaks

Lines of code Vulnerability details Impact When the borrower cannot repay with NFT he will be forced to forsake his entire credit. This situation can be deliberately instigated by the lender. Proof of Concept A borrower can only leave his position by returning an NFT buyNftFromMarket or...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/06/02 12:0 a.m.6 views

Borrowing without paying interest

Lines of code Vulnerability details Impact A lender can be prevented from withdrawing from his lien, without having to pay him interest. Only a few negligible wei have to be paid for technical reasons. This enables the trader to open a risk free position. Long: The trader swaps the NFT in the lie...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/05/15 12:0 a.m.11 views

A user asset cannot be seized if the supplied market's collateral to seize(vTokenCollateral)is different than the pool(seizerContract) where the liquidateBorrow function is called.

Lines of code Vulnerability details Impact A user asset cannot be seized if the supplied market's collateral to seizevTokenCollateralis different than the poolseizerContract where the liquidateBorrow function is called. Proof of Concept A user asset cannot be seized if the supplied market's...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/05/15 12:0 a.m.11 views

Borrowers can be liquidated before default by being based on the borrowBalance from other pools

Lines of code Vulnerability details Impact Borrower can be liquidated before default based on the borrowBalance from other pools. In the liquidity snapshot, borrows from other pools are added as total borrow but the collateral that is used which might not be used as collateral for the poolfor the...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/03/20 12:0 a.m.9 views

A POSITION WILL BE FULLY LIQUIDATABLE AS SOON AS IT BECOMES LIQUIDATABLE

Lines of code Vulnerability details Impact A specific position can be liquidated if canLiquidate returns true. However, the function logic of maxLiquidatableDebt is going to make it fully liquidatable even if safetyRatio == 1e18. Proof of Concept Let's assume the following setup: collRatio = 1.5e...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/03/20 12:0 a.m.10 views

Short positions can be burned while holding collateral

Lines of code Vulnerability details Impact Users can permanently lose a portion of their collateral due to a malicious attacker or their own mistake. Vulnerability Details In the ShortToken contract, adjustPosition is used to handle changes to a short position's short or collateral amounts. The...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/03/20 12:0 a.m.4 views

Hedging during liquidation is incorrect

Lines of code Vulnerability details Impact Hedging will not work as expected, and LiquidityPool will lose funds without expectation. Proof of concept 1. When a short position is liquidated in contract Exchange, function liquidate will be triggered. It will burn the power perp tokens and reduce th...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/03/20 12:0 a.m.7 views

Exchange._liquidate function can cause liquidator to burn too much powerPerp tokens

Lines of code Vulnerability details Impact When calling the following Exchange.liquidate function, uint256 totalCollateralReturned = shortCollateral.liquidatepositionId, debtRepaying, msg.sender is executed. function liquidateuint256 positionId, uint256 debtRepaying internal uint256...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/03/20 12:0 a.m.10 views

Users can receive less collateral than expected from liquidations

Lines of code Vulnerability details Impact Users might receive very little or no collateral when liquidating extremely unhealthy short positions. Vulnerability Details When users liquidate a short position, they expect to get a reasonable amount of collateral in return. The collateral amount sent...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/03/07 12:0 a.m.12 views

Price manipulation attack

Lines of code Vulnerability details Impact The PriceFeed.sol was marked OOS but I believe this to be a valid issue. If the chainlink feed fails which is does from time to time, the Tellor price feed takes over no matter what the delta is compared to the chainlink price. This is an issue because t...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/03/07 12:0 a.m.12 views

Price manipulation attack

Lines of code Vulnerability details Impact The PriceFeed.sol was marked OOS but I believe this to be a valid issue. If the chainlink feed fails which is does from time to time, the Tellor price feed takes over no matter what the delta is compared to the chainlink price. This is an issue because t...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/01/26 12:0 a.m.11 views

Upgraded Q -> H from #296 [1674743769839]

Judge has assessed an item in Issue 296 as H risk. The relevant finding follows: Lines of code Vulnerability details A malicious liquidator could cause the NFT auction to fail and steal the collateral after end of auction. Impact Anyone can act as a liquidator and trigger the liquidation of the...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/01/19 12:0 a.m.18 views

LienToken: Lender and liquidator can collude to block auction and seize collateral

Lines of code Vulnerability details If a lender offers a loan denominated in an ERC20 token that blocks transfers to certain addresses for example, the USDT and USDC blocklist, they may collude with a liquidator or act as the liquidator themselves to prevent loan payments, block all bids in the...

6.7AI score
Exploits0
Rows per page
Query Builder