2 matches found
Re-entrace danger in PCVDeposit
Lines of code Vulnerability details Impact A malicious contract can empty all the system if he get ETH with the function withdrawETH. The onlyPCVController call this function and send ETH to the malicious contract, and then the malicious can use delegatecall and pretend to be onlyPCVController, a...
NonCustodialPSM can become insolvent as CPI index rises
Lines of code Vulnerability details Impact NonCustodialPSM mints and redeems VOLT to a chosen stablecoin at the current market rate minus a fixed fee. It is assumed that the difference to be covered with pcvDeposit funds. That assumption is similar to one used in FEI protocol, but there no rate...