5 matches found
Counterparty-exchange owner may alter policy manager in execution callback, altering the price of subsequent order matching
Lines of code Vulnerability details Impact In the context of bulkExecute, with a sqeuence of executions requested, transferring ETH, ERC721 or ERC1155 may result in a hook/callback to a counterparty on receipt of ETH or one of these tokens. If this counterparty is also the exchange owner, or is...
Recipients Can Steal Remaining ETH from Exchange
Lines of code Vulnerability details Impact This vulnerability allows recipients to reenter the Exchange contract, stealing remaining ETH. When a batch of orders are matched using the bulkExecute method a malicious recipient of assets may reenter the bulkExecute method, stealing ETH that would've...
Standard policy price matching is flawed
Lines of code Vulnerability details Impact Already placed orders may be highly unlikely able to be matched and executed. An order has to be created specifically for an already existing order with the intent to match and execute it. This severely impedes the functionality of the exchange, wastes...
The amount of gas calculation for refunding is incorrect
Lines of code Vulnerability details Impact While matching the orders the gas cost is calculated so that it can be refunded back to the contract. The calculation for this gas is incorrect. The function keeps track of the gasleft at the beginning of the loop and adds additional amount of gas for pr...
Multiple items order can be matched to many same items order
Lines of code Vulnerability details Impact Let's consider an example. Alice makes an order for an ERC1155, where she wants to buy 10 items with id=1 and 10 with id=2. This order can be matched using matchOneToManyOrders with two orders that sell both 10 items with id=1. Basically Alice gets 20 id...