3 matches found
EUVD-2025-199308
Malicious code in @ifelsedeveloper/protocol-contracts-svm-idl npm...
Owner will be address(0) because it is not initialized
Lines of code Vulnerability details Impact Owner will be address0 making the functions which use the onlyOwner modifier insolvable Proof of Concept There are contracts in the protocol which use the Ownable from OZ: esLBRBoost.sol, EUSDMiningIncentives.sol, ProtocolRewardsPool.sol,...
Vote locking should block wrapper contracts
Lines of code Vulnerability details The reason that users are given boosted rewards for locking their governance tokens is that by making them illiquid for a set amount of time, the supply available to be sold is restricted, and users buying the token are more able to push the price up. Impact By...