3 matches found
Wrong pools reward calculation. User will get smaller rewards (always)
Lines of code Vulnerability details Impact When adding new token pool for staking in MasterChef contract function addaddress token, uint allocationPoints, uint16 depositFee, uint startBlock All other, already added, pools should be updated but currently they are not. Instead, only totalPoints is...
Unconstrained fee
Lines of code Vulnerability details Impact Token fee in MasterChef can be set to more than 100%, for example by accident causing all deposit calls to fail due to underflow on subtraction when reward is lowered by the fee, thus breaking essential mechanics. Note that after the fee has been set to...
During stake or deposit, users would not be rewared the correct Concur token, when MasterChef has under-supply of it.
Lines of code Vulnerability details Impact During stake or deposit, users would not be transferred the correct Concur token, when MasterChef has under-supply of it. There is an assumption that MasterChef contract would own enough Concur tokens so as to distribute to users as reward, during deposi...