4 matches found
M-02 Unmitigated
Lines of code Vulnerability details Mitigation of M-02: Issue partially mitigated, see comments Link to Issue: code-423n4/2023-05-ambire-findings18 Comments While the issue mentioned in M-02 has been technically mitigated, the same attack can be performed in another function present in the wallet...
Malicious relayer can execute stale transactions by spoofing validator weights/threshold in proof
Lines of code Vulnerability details Impact Transaction is submit with wrong validator information, allowing stale commands to be executed Proof of Concept This vulnerability is a result of allowing msg.sender to provide key information identifying operators. First we need to understand how the...
Malicious Relayer Could Cause A Router To Provide More Liquidity Than It Should
Lines of code Vulnerability details Proof-of-Concept Assume this is a fast-transfer path and the sequencer has a good reason e.g. some sophisticated liquidity load balancing algorithm to assign 3 routers to provide liquidity for a transfer of 90 DAI Therefore, each of them will provide 30 DAI...
Malicious relayer could exploit sponsor vaults
Lines of code Vulnerability details Impact Sponsor vaults drained Proof of Concept reimburseRelayerFees uses SponsorVault funds to repay users the fees they pay to relayers. A malicious relayer could create a large number of transactions with the max reimbursed relay fee specified in SponsorVault...