2 matches found
Multiple re-entrancy issues allowing stealing of funds and bypassing protocol mint limits
Lines of code Vulnerability details Impact Multiple re-entrancy issues exist in the codebase, that break core functionality and allow stealing of user funds. In AuctionDemo.sol contract re-entrancy in cancelBid and cancelAllBids allows stealing of user funds. There are multiple attack surfaces,...
A well financed attacker could prevent any other users from minting synthetic tokens
Lines of code Vulnerability details Impact In the AlchemistV2 contract, users can deposit collateral to then borrow/mint the synthetic tokens offered by the protocol. The protocol also defines a minting limit that specifies how many synthetic tokens can be minted in a given time period. This exis...