3 matches found
OpenLevV1.sol initialization function callable multiple times
Handle sirhashalot Vulnerability details Impact The initialize function in OpenLevV1.sol has a comment of "This function is not supposed to call multiple times" but it has no checks that prevent it from being called multiple times. An initialization function should only be possible to call once...
OpenLevV1.closeTrade with V3 DEX doesn't correctly accounts fee on transfer tokens for repayments
Handle hyh Vulnerability details Impact The amount that OpenLevV1 will receive can be less than V3 DEX indicated as a swap result, while it is used as given for position debt repayment accounting. This way actual funds received can be less than accounted, leaving to system funds deficit, which ca...
OpenLevV1 runs price update for UniV2Class DEXes only
Handle hyh Vulnerability details Impact If the price currently recorded by the system is outdated, the marginTrade and liquidate functions will use a stale price if being run with V3 dexData, which is what system allows. A malicious user can act on a stale price observation, using trade opening a...