9 matches found
PerpetualAtlanticVaultLP incentives can be stolen via flash loan
Lines of code Vulnerability details Impact The liquidity pooled from the PerpetualAtlanticVaultLP is used by the core contract. This liquidity is provided by anyone, and after each epoch 1 week an incentive is paid after to further incentivise liquidity provision. However, the funds can be stolen...
MEV searchers can capture slippage tolerance on pool creation
Lines of code Vulnerability details Impact In the current Caviar protocol, anybody can supply initial liquidity to a newly created pool. An LP who intends to create a new pool and add liqiduity could execute the following transactions: 1. LP transaction 1: pair = Caviar.create 2. LP transaction 2...
_mintFromAssets: no slippage check
Handle cmichel Vulnerability details The sNOTE.mintFromAssets function uses tokens to provide single-sided liquidity. In Balancer this is basically a combination of a swap to balanced amounts followed by providing balanced liquidity. Note that no slippage checks are used as mintOutputAmount is se...
sNote one sided LP provisions are vulnerable to sandwich attacks
Handle hyh Vulnerability details Impact Both types of one sided liquidity addition are enabled with sNote minting: a user can mint with only ETH/WETH and with only Note. In both cases a price impact of the operation isn't controlled. As a result the sandwich attack is possible and can be...
LP inflation attack is possible as pools can be created with zero liquidity
Handle hyh Vulnerability details Impact A griefing by LP inflation attack is possible: an attacker can create pools for popular token pairs, provide a tiny amount of initial liquidity with addLiquidity, then send big enough amounts of base and quote tokens to the pool contract Exchange just...
Covering impermanent loss allows profiting from asymmetric liquidity provision at the expense of reserves
Handle hyh Vulnerability details Impact Pool funds will be siphoned out over time as swaps and asymmetric LP provision are generally balancing each other economically. While with introduction of IL reimbursement a malicious user can make an asymmetric LP, then profit immediately from out of balan...
RewardReinvestor.provideReinvest and splitReinvest are vulnerable to sandwich attacks as market price isn't checked
Handle hyh Vulnerability details Impact Liquidity provision can happen at a manipulated price which leads to immediate loss for liquidity provider i.e. IL happens right after liquidity provision in this case. This yields direct loss for an LP account owner, for example schematically: 0. Suppose...
AddLiquidity allows sandwich attacks on direct use within hard coded 5% slippage tolerance
Handle hyh Vulnerability details Impact Liquidity provision can happen at a manipulated price which leads to immediate loss for liquidity provider i.e. IL happens right after liquidity provision in this case. This yields direct loss for an account owner, for example schematically: 0. Suppose...
PostAuctionLauncher's liquidity provision can be exploited
Handle cmichel Vulnerability details The PostAuctionLauncher.finalize function takes the raised payment token amounts and uses previously provided auction token amounts to provide liquidity to a Sushiswap pool after an auction has successfully been finalized. It provides this liquidity at a...