4 matches found
SocializeLoss can does not reduce the user deposit share
Lines of code Vulnerability details Impact SocializeLoss can does not reduce the user deposit share Proof of Concept SocializeLoss can revert in underflow so the admin cannot socalize loss properly In the current implementation of the socialize loss uint256 amount = Math.ceilDivshare...
addDust in OptionsPositionManager.sol can add way more tokens than expected in cases where the asset used has less decimals
Lines of code Vulnerability details Impact The function addDust is used in closeDebt to // Add dust to be sure debt reformed = debt outstanding as stated in the NatSpec, but in the cases of tokens with less decimals, the amount calculated will be way bigger than expected which could make the whol...
Wrong value of MONTH_IN_SECONDS could make it impossible to recover NFT in 7 years
Lines of code Vulnerability details Impact Constant MONTHINSECONDS has incorrect value. Instead of 1 month, it has the value of 7 months. // @dev about 30 days in a month uint256 immutable MONTHINSECONDS = 3600 24 7 30; // @audit wrong value, could allow bufferTime and recoverTimelock become too...
Expired locks can still increaseUnlockTime when the locked_.end != msg.sender
Lines of code Vulnerability details Impact Expired locks can still increase their unlock time and the new unlocktime does not factor in the duration the lock was inactive Proof of Concept Users can increase their unlock time via the increaseUnlockTime function. In the increaseUnlockTime function ...