13 matches found
accrueConcentratedPositionTimeWeightedLiquidity may revert under special situations
Lines of code Vulnerability details Impact LiquidityMining.accrueConcentratedPositionTimeWeightedLiquidity may unintentionally reverts and make transactions does not succeed Proof of Concept The LiquidityMining.accrueConcentratedPositionTimeWeightedLiquidity function calculates the concentrated...
Timestamp Manipulation
Lines of code Vulnerability details Impact there is a problem in that contract especiall when updating tickTrackingIndex within the loop an attacker can manipulate the values of enterTimestamp and exitTimestamp to force tickActiveEnd to be significantly larger than tickActiveStart inflate the...
LiquidityMining.initTickTracking() called by MarketSequencer.initCurve() Check if the liquidity curve for the pool is already initialized.
Lines of code Vulnerability details MarketSequencer.initCurve can call LiquidityMining.initTickTracking any number of times, because their is no restriction for reinitialization. As stated in the comment section, putting the caller in charge of not reinitializing can lead to an unintentional...
An attacker can exploit the accruing liquidity functionality to accrue liquidity for more weeks than intended.
Lines of code Vulnerability details Instances The whole exploit works due to similar functionality being broken at these 4 instances: here, here, here and here. Impact An attacker can accrue both Position time weighted liquidity and Global time weighte...
Potential denial of service due to out of bound gas usage
Lines of code Vulnerability details Summary The implementation of accrueConcentratedPositionTimeWeightedLiquidity incurs in complex and unbounded computations that could lead to significant gast costs and a potential denial of service. Impact The liquidity mining program in the Ambient DEX will...
No poolIdx validation; arbitrary values can corrupt storage, require validation.
Lines of code Vulnerability details Impact No validation on poolIdx input for key functions like claimConcentratedRewards. Could pass invalid poolId and corrupt storage. The claimConcentratedRewards function is defined on LiquidityMining.sol. It takes in a poolIdx as one of the parameters functio...
users will receive lesser rewards than they are supposed to.
Lines of code Vulnerability details Impact Due to risky math being used in the contract LiquidityMining.sol, the user could lose their rewards. Proof of Concept The calculation for user rewards in the LiquidityMining.sol Contract in multple instances divides the rewards earned by the user with a...
LiquidityMining.claimConcentratedRewards() does not properly account user liquidity across ticks
Lines of code Vulnerability details Let’s say a user creates two separate positions, one is tick-15, tick and the second is tick, tick+15. The user is covering the entirety of the tick range to receive rewards but does not receive any. We see that posKey is defined like this: bytes32 posKey =...
Manipulation of Overall Liquidity Calculation
Lines of code Vulnerability details Impact in this part in code : is handle the claiming of rewards for liquidity mining. It calculates rewards based on the liquidity provided by a user, their position, and certain parameters like ambRewardPerWeek and overallTimeWeightedLiquidity, the problem is ...
deleted
Lines of code Vulnerability details deleted Assessed type Other --- The text was updated successfully, but these errors were encountered: All reactions...
Logic Error
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Tools Used Manual Recommended Mitigation Steps...
The while loop used in all the accrueXXXPositionTimeWeightedLiquidity function could make a call reach the block gas limit
Lines of code Vulnerability details Proof of Concept If a user neither modifies his position nor claims rewards for a very long time, it might become impossible for him to do any action involving the internal functions accrueAmbientPositionTimeWeightedLiquidity or...
Missing 0 approval
Lines of code Vulnerability details Impact When changing the allowance value from an existing non-zero value, certain tokens e.g., USDT must first be approved by zero before approving the actual allowance. Otherwise the token will not work. Proof of Concept There are two instances of missing zero...