11 matches found
Malicious Package
Overview solana-mev-bot is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...
Only ensure the Lp is repaid when close the position invites MEV bot
Lines of code Vulnerability details Impact Only ensure the Lp is repaid when close the position invites MEV bot Proof of Concept in the function closePosition function closePosition DataStruct.ClosePositionParams calldata params, DataCache.ClosePositionCache memory cache, Lien.Info memory lien,...
MEV bot can frontrun user's repayment to liquidate user first when the OmniPool is unpaused
Lines of code Vulnerability details Impact MEV bot can frontrun user's repayment to liquidate user first when the OmniPool is unpaused Proof of Concept this report tries to combine a few issue 1. when OmniPool is paused, interest is still accuring 2. when OmniPool is paused, user cannot repay 3...
SWAP TRADES COULD BE EXECUTED AT A LATER POINT IN TIME BY THE MINERS, IF deadline == 0
Lines of code Vulnerability details Impact The Swapper.swapExactInput external function, has the deadline parameter to control the execution time of the swap transaction. If the block.timestamp has elapsed the deadline given the transaction will revert as per the implementation in the...
LACK OF deadline CHECK COULD PROMPT DELAYED EXECUTION OF swap OPERATION
Lines of code Vulnerability details Impact The RewardHandler.sellRewards function is used by governance and trusted sellers to sell reward tokens for collateral tokens. This function ensures that none of the collateral should be decreased after the swap by checking their respective balances befor...
SfrxEth slippage and fee stealing
Lines of code Vulnerability details Impact The SfrxEth derivative contract calculates the maximum slippage for buying SfrxEth from curve pool by using the current price in the pool at runtime, without considering the price at which the user submitted the transaction to the mempool: uint256 minOut...
Reth slippage and fee stealing
Lines of code Vulnerability details Impact The Reth derivative contract calculates the maximum slippage for buying rETH from the Uniswap V3 pool by using the current price in the pool at runtime, without considering the price at which the user submitted the transaction to the mempool: uint...
WstEth slippage and fee stealing
Lines of code Vulnerability details Impact The WstEth derivative contract calculates the maximum slippage for buying WstEth from curve pool by using the current price in the pool at runtime, without considering the price at which the user submitted the transaction to the mempool: uint256 minOut =...
user can loose ETH when using Router::multicall
Lines of code Vulnerability details Impact When using Router multicall function user must not forgot to append to the multicall data array calls for unwrapWETH9 or refundETH. If the user forgets to do this a MEV bot can see the missed tokens and take them out because anyone can call the mentioned...
Oracle may be relying on a low reserves pair, which is easy to manipulate
Lines of code Vulnerability details Impact While the observations isn't easy to manipulate, it's still possible to manipulate some of them using an MEV bot and some tokens. In case of a pair with low reserves, the manipulation is going to be cheaper and might be worth for an attacker. Since there...
Yield may be stolen by MEV bot by sandwiching harvest()
Lines of code Vulnerability details Impact Yield may be stolen by MEV bot by sandwiching harvest. Because of minimum output amount of swapping is set to 0. Which mean MEV bot can pump price of AURA token to the highest price before your strategy swap to let you buy AURA token at an incredibly hig...