2 matches found
steal user funds with front-running when he calls depositTokens() of MerkleDropFactory with wrong treeIndex (uninitiated)
Lines of code Vulnerability details Impact If a user calls depositTokens with wrong treeIndex value by mistake, attacker can perform front-running attack and steal user funds before user transaction reach the contract, attacker will create multiple trees in MerkleDropFactory until he reach tree...
steal user funds with front-running when he calls depositTokens() of MerkleVesting and MerkleResistor with wrong treeIndex (uninitiated)
Lines of code Vulnerability details Impact This nature of this bug is similar in MerkleVesting and MerkleResistor and MerkleDropFactory, so I only write MerkleDropFactory version: If a user calls depositTokens with wrong treeIndex value by mistake, attacker can perform front-running attack and...