2 matches found
Zero strike call options can be systemically used to steal premium from the taker
Lines of code Vulnerability details Some non-malicious ERC20 do not allow for zero amount transfers and order.baseAsset can be such an asset. Zero strike calls are valid and common enough derivative type. However, the zero strike calls with such baseAsset will not be able to be exercised, allowin...
_transferNFTs can end up transferring nothing
Lines of code Vulnerability details Malicious maker can list an NFT that conforms to ERC-165, but reports that it's neither ERC721, nor ERC1155, i.e. both supportsInterface0x80ac58cd and supportsInterface0xd9b67a26 are false. In all other regards it can be fully valid NFT, for example having...