Lucene search
+L

5 matches found

code423n4
code423n4
added 2023/02/01 12:0 a.m.10 views

Malicious user can create a dummy Lendgine contract by mimicing a salt with same encoding format but using a malicious AMM invariant function

Lines of code Vulnerability details Impact Lendgine contract address is created using a salt that is generated by a hash of pool parameters in Factory.sol. A malicious user can create a Lendgine exploit contract that uses the salt generated by exact same encoding but this contract inherits a Pair...

6.9AI score
Exploits0
code423n4
code423n4
added 2022/02/09 12:0 a.m.10 views

Same reward token in pools can break accounting

Lines of code Vulnerability details The ConvexStakingWrapper contract uses several reward pool tokens rewardspidindex.token and it can be that the same token is used for different pids. Indeed, the CVX/CRV tokens are always at index 0 and 1. The rewards will be distributed to the first pool id pi...

6.8AI score
Exploits0
code423n4
code423n4
added 2021/12/17 12:0 a.m.7 views

User can lose Funds

Handle csanuragjain Vulnerability details Impact User funds lost Proof of Concept 1. Navigate to contract at 2. User joins a pool having 5 tokens in the basket by using joinPool function 3. Owner decides to remove 1 of the token from the basket 4. User exits the pool by calling exitPool function...

6.7AI score
Exploits0
code423n4
code423n4
added 2021/12/15 12:0 a.m.8 views

DoS when depositing collateral

Handle cmichel Vulnerability details The Pool.depositCollateral and Pool.addCollateralInMarginCall functions require the caller to have a pool token balance of zero. function depositCollateraluint256 amount, bool transferFromSavingsAccount external payable override requireamount != 0, 'DC1'; //...

6.8AI score
Exploits0
code423n4
code423n4
added 2021/04/28 12:0 a.m.8 views

Missing access restriction on lockUnits/unlockUnits

Handle @cmichelio Vulnerability details Vulnerability Details The Pool.lockUnits allows anyone to steal pool tokens from a member and assign them to msg.sender. Impact Anyone can steal pool tokens from any other user. Recommended Mitigation Steps Add access control and require that msg.sender is...

6.9AI score
Exploits0
Rows per page
Query Builder