Lucene search
K

31 matches found

Code423n4
Code423n4
•added 2023/09/14 12:0 a.m.•8 views

potential overflow in max.Deposit&maxMint; and max.redeem&max;.withdraw

Lines of code Vulnerability details Impact there is potential overflow in max.deposit and max.mint Proof of Concept there is only way to decrease max.deposit and max.mint is deposit to be excuted . function deposituint128 trancheTokenAmount, uint128 currencyAmount, address liquidityPool, address...

7.1AI score
Exploits0
Code423n4
Code423n4
•added 2023/09/14 12:0 a.m.•10 views

Incorrent approval for escrow tokens, not allowing to burn on redeem

Lines of code Vulnerability details Impact Liquidity pool approval for burning escrow tokens is not correctly assigned when pool is deployed on PoolManager deployLiquidityPool lines: EscrowLikeescrow.approveliquidityPool, addressinvestmentManager, typeuint256.max; // Approve investment manager on...

7.1AI score
Exploits0
Code423n4
Code423n4
•added 2023/08/28 12:0 a.m.•11 views

Error of computation break the LpTokens supply, causes users to lose funds and make functions using _getUtilityFinalLp() broken.

Lines of code Vulnerability details Impact withdrawGivenOutputAmount and withdrawGivenInputAmount functions doesn't revert when balance of tokenX/tokenY = 0 and create an offset between reserve tokens and LP total supply. This lead to unwanted behaviors for the next operations on the protocol...

6.6AI score
Exploits0
Code423n4
Code423n4
•added 2023/07/10 12:0 a.m.•3 views

Subsequent liquidity providers will suffer from the loss of funds

Lines of code Vulnerability details Impact When adding liquidity, lpAmountOut is calculated using the formula: calcLpTokenSupplywellFunction, reserves - totalSupply. function calcLpTokenSupply Call memory wellFunction, uint256 memory reserves internal view returns uint256 lpTokenSupply...

6.8AI score
Exploits0
Code423n4
Code423n4
•added 2023/07/10 12:0 a.m.•11 views

The existence of Pump may hinder large swaps or swaps from a low liquidity pool

Lines of code Vulnerability details Impact Large swaps or swaps with low liquidity value may not work properly. Proof of Concept According to the whitepaper, the purpose of the pump is to be a multi-block MEV manipulation resistant to large changes in liquidity value. Since the Well can be create...

6.5AI score
Exploits0
Code423n4
Code423n4
•added 2023/07/10 12:0 a.m.•19 views

Well.sol::addLiquidity() Unauthorized Liquidity Addition for Fee-on-Transfer Tokens

Lines of code Vulnerability details Description The addLiquidity in the Well.sol contract allows any address to add liquidity to tokens with a fee-on-transfer mechanism. Although there is a another function available to add liquidity for Fee-on-transfer token name addLiquidityFeeOnTransfer. Howev...

6.5AI score
Exploits0
Code423n4
Code423n4
•added 2023/07/10 12:0 a.m.•10 views

There is a large precision error in sqrt calculation of lp

Lines of code Vulnerability details Impact Compared with div, there is a larger precision error in calculating lp through sqrt, so there should be a way to check whether there are excess tokens left when adding liquidity. Proof of Concept function testCalcLpTokenSupplyDiff public uint256 memory...

6.7AI score
Exploits0
Code423n4
Code423n4
•added 2023/07/10 12:0 a.m.•16 views

Possible to stop trading

Lines of code Vulnerability details Impact It's possible to stop market due to division by 0 exception. So better to prevent this, because better to revert with missing minAmountOut than revert with some error, which might be complicated to detect. Proof of Concept There is a change to withdraw a...

6.8AI score
Exploits0
Code423n4
Code423n4
•added 2023/05/11 12:0 a.m.•11 views

unstake() function: The unstake function permits the unstaking of multiple position NFTs from the same liquidity pool (LP) by the same lender. This opens the possibility for a lender to claim more Ajna token rewards than they are entitled to by staking and unstaking multiple NFTs associated with the same LP.

Lines of code Vulnerability details Impact The absence of a mechanism to prevent a lender from unstaking multiple NFTs for the same liquidity pool LP could potentially lead to the exploitation of the Ajna token reward system. A lender can mint, stake, and unstake multiple NFTs for the same LP fro...

6.8AI score
Exploits0
Code423n4
Code423n4
•added 2023/03/26 12:0 a.m.•10 views

Upgraded Q -> 2 from #60 [1679803335439]

Judge has assessed an item in Issue 60 as 2 risk. The relevant finding follows: LiquidityPool.sol: If the fee recipient is not set then all LP operations such as deposits and withdrawals will fail. Consider making fee transfers optional depending on whether a fee recipient and percentage is set -...

6.9AI score
Exploits0
Code423n4
Code423n4
•added 2023/02/07 12:0 a.m.•7 views

First depositor can break minting of shares

Lines of code Vulnerability details Vulnerability details The calculation of exchange rate for shares in Popcorn Vault is done by dividing the total supply of shares by the totalAssets of the vault. The first depositor can mint a very small number of shares, then donate to the vault to manipulate...

6.7AI score
Exploits0
Code423n4
Code423n4
•added 2023/01/31 12:0 a.m.•9 views

First depositer exploit can break share calculation

Lines of code Vulnerability details Impact A well known attack vector for almost all shares based liquidity pool contracts, where an early user can manipulate the price per share and profit from late users' deposits because of the precision loss caused by the rather large value of price per share...

6.6AI score
Exploits0
Code423n4
Code423n4
•added 2023/01/19 12:0 a.m.•18 views

FIRST ERC4626 DEPOSIT CAN BE EXPLOITED ON SHARE CALCULATION

Lines of code Vulnerability details Impact This is a common attack vector involving shares based liquidity pool contracts. An early user can manipulate the price per share and profit from late users' deposits because of the precision loss caused by the rather large value of price per share. Note:...

6.7AI score
Exploits0
Code423n4
Code423n4
•added 2023/01/03 12:0 a.m.•13 views

FIRST DEPOSIT CAN BREAK SHARE CALCULATIONS

Lines of code Vulnerability details Impact Future depositors are forced to pay a huge value of assets to deposit. It is not practically possible for all users. This could directly affect the attrition of users towards this system. Proof of Concept A well-known attack vector for almost all...

6.7AI score
Exploits0
Code423n4
Code423n4
•added 2022/12/19 12:0 a.m.•17 views

Not supporting fee-on-transfer token as base token

Lines of code Vulnerability details Impact In Caviar protocol, all calculations in functions add, remove, buy, sell is done using token balance of Pair contract directly. In function add, it calculates and mints LP token to sender first before transferring baseToken in. function adduint256...

6.8AI score
Exploits0
Code423n4
Code423n4
•added 2022/12/19 12:0 a.m.•16 views

A malicious early user/attacker can manipulate the lpToken's pricePerShare to take an unfair share of future users' deposits

Lines of code Vulnerability details Impact A well known attack vector for almost all shares based liquidity pool contracts, where an early user can manipulate the price per share and profit from late users' deposits because of the precision loss caused by the rather large value of price per share...

6.7AI score
Exploits0
Code423n4
Code423n4
•added 2022/12/19 12:0 a.m.•20 views

LP token is vulnerable to flashloan manipulation

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. The addQuote function in the pair.sol smart contract utilizes a pricing formula for liquidity pools that is susceptible to exploitation through flashloan manipulation. By introducing a large quantity of...

7AI score
Exploits0
Code423n4
Code423n4
•added 2022/11/28 12:0 a.m.•9 views

Unlimited minting of pxGmx in PirexGmx.sol which may break protocol

Lines of code Vulnerability details Impact Unlimited minting of pxGmx which may break protocol. Proof of Concept A user can call depositGmx on PirexGmx.sol and mint some pxGmx after staking some Gmx via gmxRewardRouterV2.stakeGmxamount and transferring GMX into the contract. // Transfer the...

6.9AI score
Exploits0
Code423n4
Code423n4
•added 2022/07/02 12:0 a.m.•10 views

The LP pair underlying price quote could be manipulated

Lines of code Vulnerability details The LP pair underlying price quote could be manipulated Impact The underlying price for LP pool pair can be manipulated. This kind of price mainpulation happened before, can be found here: Warp Fincance event. Whick may lead to the exploit of the pool by a...

6.7AI score
Exploits0
Code423n4
Code423n4
•added 2022/05/17 12:0 a.m.•9 views

maxFee is not checked against a max value while being updated

187 comment Warden: catchup Lines of code Vulnerability details changeFee maxFee should be checked against a maximum value like 10% to make sure it is not set too high by mistake. Impact maxFee can be set beyond limits which would mess up fee calculations. Proof of Concept getTransferFee function...

6.8AI score
Exploits0
Rows per page
Query Builder