Lucene search
+L

4 matches found

Code423n4
Code423n4
added 2023/10/04 12:0 a.m.7 views

XVSVault implementation cannot be upgraded due to lack of proper mechanism

Lines of code Vulnerability details Summary The XVSVault is expected to be upgradeable in context of xvs staked for claim to venus prime token. The XVSVault will be updated in the Prime.sol with the initializefunction. Impact The Prime.sol cannot be upgraded as clearly mentioned in the scoping...

7.2AI score
Exploits0
Code423n4
Code423n4
added 2023/10/04 12:0 a.m.12 views

BLOCKS_PER_YEAR in Prime.sol should vary depending on leap and non-leap year

Lines of code Vulnerability details Impact Since BLOCKSPERYEAR is used for calculating the total income that's going to be distributed in a year to prime token holders in the function incomeDistributionYearly, an inadequate non-zero value for BLOCKSPERYEAR in terms of chain and/or leap/non-leap...

7.2AI score
Exploits0
Code423n4
Code423n4
added 2023/10/04 12:0 a.m.14 views

Loss of interests due to loss of precision

Lines of code Vulnerability details Impact Users can lose accrued interest due to loss of precision during calculation. It is possible that the interestsvTokenuser.rewardIndex is changed and the interestsvTokenuser.accrued is never increased. Proof of Concept The interestsvTokenuser.rewardIndex a...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/10/04 12:0 a.m.8 views

anyone with valid token address can create DOS for accrueInterest() in prime.sol

Lines of code Vulnerability details Impact anyone or attacker with valid token address can create DOSdenial of service for accrueInterest and functions using accrueInterest in prime.sol Proof of Concept a function accrueTokens in PrimeLiquidityProvider.sol has visibility pubic,it means anyone can...

7AI score
Exploits0
Rows per page
Query Builder