Lucene search
+L

4 matches found

Code423n4
Code423n4
added 2023/09/14 12:0 a.m.9 views

Any user can drain the escrow contract by calling decreaseDepositRequest with more amount than they deposited into the escrow while requesting.

Lines of code Vulnerability details Impact In the protocol, users submit deposit requests to the Centrifuge gateway for depositing assets into the Liquidity Pools. There is also a mechanism to decrease this deposit order by calling LiquidityPool::decreaseDepositRequest which decreases their depos...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/01/03 12:0 a.m.11 views

TokenggAVAX.sol : First depositor can break minting of shares

Lines of code Vulnerability details Impact A well known attack vector for almost all shares based liquidity pool contracts, where an early user can manipulate the price per share and profit from late users' deposits because of the precision loss caused by the rather large value of price per share...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/01/25 12:0 a.m.9 views

LP inflation attack is possible as pools can be created with zero liquidity

Handle hyh Vulnerability details Impact A griefing by LP inflation attack is possible: an attacker can create pools for popular token pairs, provide a tiny amount of initial liquidity with addLiquidity, then send big enough amounts of base and quote tokens to the pool contract Exchange just...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/01/05 12:0 a.m.20 views

vulnerability

Handle 0v3rf10w Vulnerability details In technical terms, Timeswap is an automated protocol based on the use of liquidity pools and implemented on the Ethereum blockchain. Users create liquidity pools with the participation of smart contracts. One pool is one marketplace providing exchange in a...

7.1AI score
Exploits0
Rows per page
Query Builder