9 matches found
Upgraded Q -> 2 from #17 [1680620822176]
Judge has assessed an item in Issue 17 as 2 risk. The relevant finding follows: L-10 It is possible in theory that stakes get locked due to call to LockTo with very small reward amount I pointed out and explained in my report 7 MuteBond.sol: deposit function reverts if remaining payout is very...
Bond max-buyer might end up buying the max buy of the next epoch
Lines of code Vulnerability details The MuteBond.deposit function allows users to specify the amount of value they want to purchase bonds for or to set maxbuy to true. If maxbuy is set to true the amount specified in the value parameter is ignored and instead the maximum amount available for...
MuteBond is susceptible to DOS
Lines of code Vulnerability details Proof of Concept Observe that if timeToTokens is called with locktime = 1 week, amount 52, it will return 0. function timeToTokensuint256 amount, uint256 locktime internal pure returns uint256 uint256 weektime = 1 weeks; uint256 maxlock = 52 weeks;...
A malicious frontrunner can make the Mutebond contract broken when the owner decreases maxPayout
Lines of code Vulnerability details Impact The Mutebond contract might stop working after the owner decreased maxPayout by a malicious frontrunner. Proof of Concept setMaxPayout can be used to reset maxPayout. function setMaxPayoutuint payout external requiremsg.sender == customTreasury.owner;...
MuteBond.sol: When maxPayout is lowered the contract can end up DOSed
Lines of code Vulnerability details Impact The maxPayout variable in the MuteBond contract specifies the amount of MUTE that is paid out in one epoch before the next epoch is entered. The variable is initialized in the constructor and can then be changed via the setMaxPayout function. The issue...
MuteBond.sol: deposit function allows no control for payout and value which leads to unexpected purchases of bonds
Lines of code Vulnerability details Impact The MuteBond.deposit function allows the user to purchase a bond with LP tokens and receive MUTE tokens in return. The bondPrice increases linearly over time which I should mention means the bond gets cheaper; the naming is a bit confusing. There is...
There is a race condition betweeen MuteBond#setEpochDuration() and MuteBond#deposit()
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. There is a race condition between MuteBondsetEpochDuration and MuteBonddeposit. The issue is that when a new EpochDuration is set, it will take effect immediately, which will affect the bond price. As a...
MuteBond.sol: price discount can be manipulated which undermines its purpose of reflecting demand
Lines of code Vulnerability details Impact The bondPrice in the MuteBond contract increases linearly during the epochDuration from startPrice in the beginning to maxPrice in the end. The bondPrice determines how many MUTE tokens a user receives for bonding his LP tokens. The higher the bondPrice...
MuteBond.sol: deposit function reverts if remaining payout is very small due to >0 check in dMute.LockTo function
Lines of code Vulnerability details Impact I will show in this report how the MuteBond.deposit function can experience a temporary DOS. The attacker or just any other user by mistake or by not knowing about it can receive a payout from the deposit function that puts the payoutTotal of the current...