5 matches found
Short Call Maker Asset Can Be Frozen
Lines of code Vulnerability details Impact The fillOrder function only checks that the floorAssetTokenIds.length must be 0 when a taker fill a short call order. In other words, it does not check whether order.floorTokens.length is 0 or not, which means that if the maker includes any address in...
Create a short call order with non empty floor makes the option impossible to exercise and withdraw
Lines of code Vulnerability details Impact HIGH - assets can be lost If a short call order is created with non empty floorTokens array, the taker cannot exercise. Also, the maker cannot withdraw after the expiration. The maker will still get premium when the order is filled. If the non empty...
Attacker can take premium from taker who fill short-call orders for free.
Lines of code Vulnerability details Impact Takers who fill short-call orders may unable to exercise their long-call position. Attackers can abuse it to take premium from takers for free. In PuttyV2.fillOrder function, when taker fill short-call order, order’s maker only has to transfer erc20Asset...
Not-yet-exist ERC20 Could Be Used Within An Order
Lines of code Vulnerability details Vulnerability Details It was observed that the PuttyV2 contract uses solmate's SafeTransferLib for pulling ERC20 assets from the order maker or taker to the PuttyV2 contract. There is some difference between the implementation of solmate's SafeTransferLib and...
Fee is being deducted when Put is expired and not when it is exercised.
Lines of code Vulnerability details Impact Fee is being deducted when Put is expired and not when it is exercised in PuttyV2.sol. Comment section of the setFee function mentions "fee rate that is applied on exercise" which signifies that the fee amount is meant to be deducted from strike only whe...