Lucene search
K

4 matches found

Code423n4
Code423n4
•added 2022/07/17 12:0 a.m.•14 views

Validation check for payFYToken and payBase functions to allow only valid users.

Lines of code Vulnerability details Impact This will prevent from calling the functions by invalid users. Unnecessary condition verification. Proof of Concept Tools Used Manual code review Recommended Mitigation Steps At the start of the functions, add validation check such that only the user who...

7.1AI score
Exploits0
Code423n4
Code423n4
•added 2022/07/17 12:0 a.m.•9 views

Caller Can Receive Both liquidatorCut and auctioneerCut

Lines of code Vulnerability details Impact Caller can call auction from one address then call payBase or payFYToken from another address receiving both liquidatorCut and auctioneerCut. Proof of Concept A caller calls auction passing in an address the caller controls, Address A, into the to...

6.8AI score
Exploits0
Code423n4
Code423n4
•added 2022/07/17 12:0 a.m.•11 views

Reduce the incentive of self liquidation

Lines of code Vulnerability details Reduce the incentive of self liquidation Impact In some situations the borrower may have incentive to self liquidate. For example: May pay less interest Redeem early and reduce the loss or the fee React to abrupt market volitility Other cases to circumvent some...

6.8AI score
Exploits0
Code423n4
Code423n4
•added 2022/07/15 12:0 a.m.•7 views

minInkOut parameter will likely cause revert

Lines of code Vulnerability details Impact In payBase, the user is able to supply maxBaseIn and minInkOut params. There is logic in the function that if the user has attempted to send more base than the cauldron currently needs, then it only takes the amount of base necessary. // If offering too...

6.7AI score
Exploits0
Rows per page
Query Builder