Lucene search
K

4 matches found

Code423n4
Code423n4
added 2023/09/14 12:0 a.m.12 views

requestDeposit and requestRedeem do not allow for any price guarantee, opening users to sandwich attacks and other losses

Lines of code Vulnerability details Impact Request functions take only the desired input amount as a parameter, giving no way for the caller to control the fulfilment price. The price is decided by the Centrifuge mainnet only. function requestDeposituint256 assets, address owner; function...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/10/30 12:0 a.m.13 views

Protocol's usability becomes very limited when access to Chainlink oracle data feed is blocked

Lines of code Vulnerability details Impact Based on the current implementation, when the protocol wants to use Chainlink oracle data feed for getting a collateral token's price, the fixed price for the token should not be set. When the fixed price is not set for the token, calling the Oracle...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/03/16 12:0 a.m.10 views

Renouncepauser function is dangerous

Lines of code Vulnerability details Impact If pauser makes an error all the protocol will be unusable Proof of Concept The funtion renouncePauserPausable.sol which affect several contracts is dangerous. function renouncePauser external virtual onlyPauser emit PauserChangedpauser, address0; pauser...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/09/08 12:0 a.m.9 views

CompoundToNotionalV2.notionalCallback ERC20 return values not checked

Handle cmichel Vulnerability details Vulnerability Details Some tokens like USDT don't correctly implement the EIP20 standard and their transfer/transferFrom function return void instead of a success boolean. Calling these functions with the correct EIP20 function signatures will always revert. S...

6.8AI score
Exploits0
Rows per page
Query Builder