10 matches found
Lost fees
Lines of code Vulnerability details Impact Buyers do not get any split of the fees. It is instead to be distributed to holders. But holder splits on successive buys are partially lost to the contract and cannot be recovered. Proof of concept The buyer's rewardsLastClaimedValueidmsg.sender is...
Pausing Optimism Portal only pauses withdrawals, can result in locked or lost funds
Lines of code Vulnerability details The comment over OptimismPortal.pause indicates pause should affect both deposits and withdrawls. Currently, only finalizeWithdrawalTransaction and proveWithdrawlTransaction implement the whenNotPaused modifier. Both depositTransaction and donateETH do not...
anyone can call initialize() functions which can cause lost of funds and contract ownership
Lines of code Vulnerability details Impact Most of the smart contracts have an initialize function that anyone can call as initialize function visibility is either external or public. This could lead to a race condition when the contract is deployed. At that moment a hacker or attacker could call...
Funds may be lost if processCalls is called from a contract
Lines of code Vulnerability details Impact In CrossChainRelayerArbitrum.processCalls, msg.sender is set as the address to receive any refund both excess fee refund and call value refund in the createRetryableTicket call. Arbitrium credits the refunded value to L2 balance, so if the user doesn't...
Exchange.sol has payable functions but no way of withdrawing
Lines of code Vulnerability details Exchange.sol has payable functions but no way of withdrawing Impact Functions are payable: IExchange.execute Exchange.execute Exchange.bulkExecute Exchange.execute UUPSUpgradeable.upgradeToAndCall But there is no way of withdrawing, so funds can be lost PoC But...
Making a payment to the protocol with _dontMint parameter will result in lost fund for user.
Lines of code Vulnerability details Impact User will have their funds lost if they tries to pay the protocol with dontMint = False. A payment made with this parameter set should increase the creditsOf balance of user. In processPayment, creditsOfdata.beneficiary is updated at the end if there are...
Some of user funds stuck in contract because of division rounding error in beforeWithdraw()
Lines of code Vulnerability details Impact Function beforeWithdraw has been used in withdraw of Vault contract to calculates withdraw amount of users but because of division rounding error in this funds some user's funds would stuck in contract. Proof of Concept This is beforeWithdraw code:...
No slippage protection on _swapUnderlyingToUst can lead to lost funds
Handle harleythedog Vulnerability details Impact The function swapUnderlyingToUst exists to swap underlying tokens to Ust. The last argument to exchangeunderlying is mindy, which specifies the minimum number of Ust to be returned from the swap. Currently, this value is set to 0, so the function i...
Certain view functions should never be used in code, only UI. They are easily manipulated.
Handle tensors Vulnerability details Impact The view functions in StablesConverter.sol can be manipulated to give incorrect answers by flashloan attacks. Using them within the code in a naive way can lead to lost funds. Example Recommendations Make sure the functions are only used as estimates fo...
Tokens can get locked and funds lost when minting is disabled in Vader.sol and USDV.sol
Handle 0xRajeev Vulnerability details Impact The flipMinting function can disable/stop conversion/redeeming of VADERUSDV tokens upon DAO approval when that functionality is added. When minting is disabled i.e. false, the convert functions in USDV.sol accept VADER tokens from sender L170 but do no...