Lucene search
+L

4 matches found

Code423n4
Code423n4
•added 2023/12/08 12:0 a.m.•18 views

Users can unwrap assets in batches and avoid paying fees to protocol

Lines of code Vulnerability details Impact Users can unwrap their assets from The Ocean and evade paying fees to the protocol when the requested amount is smaller than the fee divisor. This happens due to a truncation of the result in the fee calculation. Proof of Concept This affects the...

6.9AI score
Exploits0
Code423n4
Code423n4
•added 2023/05/04 12:0 a.m.•15 views

Slot and block number proofs not required for verification of withdrawal (multiple withdrawals possible)

Lines of code Vulnerability details Impact Since this is a vulnerability which involves multiple in-scope contracts and leads to more than one impact, let's start with a bug desciption from bottom to top. Library Merkle The methods verifyInclusionSha256proof, root, leaf, index and...

6.7AI score
Exploits0
Code423n4
Code423n4
•added 2023/01/30 12:0 a.m.•16 views

Protocol fees can be withdrawn multiple times in Erc20Quest

Lines of code Vulnerability details The withdrawFee function present in the Erc20Quest contract can be used to withdraw protocol fees after a quest has ended, which are sent to the protocol fee recipient address: function withdrawFee public onlyAdminWithdrawAfterEnd...

6.8AI score
Exploits0
Code423n4
Code423n4
•added 2022/02/09 12:0 a.m.•12 views

Shelter funds can be stolen

Lines of code Vulnerability details Impact Shelter has a function withdraw that lets whitelisted users withdraw a specified amount of some token. The function does not check if the user has already withdrew the tokens. Since, a user can withdraw allowed amount any number of times, stealing all th...

6.8AI score
Exploits0
Rows per page
Query Builder