2 matches found
When unpausing the GuardCM, not setting governorCheckProposalId to 0 puts the assets of the protocol at risk
Lines of code Vulnerability details Impact If the GuardCM was paused once, the community multisig CM can pause it again without checking for the governances activity. This moves the power within the system from the governance to the CM and can, in the worst case, result in the lose of all funds o...
Tokens can be stolen through transferTo
Handle @cmichelio Vulnerability details Vulnerability Details I know that it's stated that: VADER, USDV, SYNTHS all employ the transferTo function, which interrogates for tx.origin and skips approvals. The author does not subscribe to the belief that this is dangerous In my opinion, it can be ver...