3 matches found
pump reserves will be corrupted if numberOfReserves become less
Lines of code Vulnerability details Impact Pump's reserves will be corrupted. Proof of Concept In MultiFlowPump, we didn't enforce if numberOfReserves has changed from slot.readNumberOfReserves. If update is called with less numberOfReserves, the reserves array can be corrupt, leading to unexpect...
Due to slot confusion, reserve amounts in the pump will be corrupted, resulting in wrong oracle values
Lines of code Vulnerability details Description The MultiFlowPump contract stores reserve counts on every update, using the libraries LibBytes16 and LibLastReserveBytes. Those libs pack bytes16 values efficiently with the storeBytes16 and storeLastReserves functions. In case of an odd number of...
The MultiFlowPump.sol/update() function will neither update nor revert any call made to it by any Well Implementation, hence will fail in storing the correct reserve values.
Lines of code Vulnerability details Impact The MultiFlowPump will not be able to update the lastReserves, emaReserves, cumulativeReserves. This will let any attacker to manipulate the value of reserves to any number. Proof of Concept As provided the code of update function, the getDeltaTimestamp...