Lucene search
K

4 matches found

Code423n4
Code423n4
added 2022/11/08 12:0 a.m.15 views

Solmate's SafeTransferLib won't check if token has code, which can affect transfers in SizeSealed

Lines of code Vulnerability details Impact Not checking for token existence is a know issue for Solmate. This can cause unexpected contract functionality for transfers implemented in SizeSealed. Note that this might not be a problem for baseToken due to the check implemented in L103. However, thi...

7AI score
Exploits0
Code423n4
Code423n4
added 2022/11/08 12:0 a.m.15 views

Bid can be cancelled after being finalized

Lines of code Vulnerability details Impact The SizeSealed contract's cancelBid function can be called after auction has been finalized, thereby allowing the bidder to withdraw their quoteToken after bid is finalized This is possible by bypassing the if a.data.lowestQuote != typeuint128.max ||...

7AI score
Exploits0
Code423n4
Code423n4
added 2022/11/08 12:0 a.m.9 views

Quotetoken can be address(0) or any EOA and still allow auctions and bids to be created

Lines of code Vulnerability details Impact createAuction in SizeSealed.sol performs no validation of the auction parameters AuctionParameters sent to it and will allow a Seller to create an auction with an ERC20 quoteToken of address0 putting at risk the baseToken that has real value. In addition...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/01/26 12:0 a.m.10 views

[WP-H2] Transferring quoteToken to the exchange pool contract will cause future liquidity providers to lose funds

Handle WatchPug Vulnerability details In the current implementation, the amount of LP tokens to be minted when addLiquidity is calculated based on the ratio between the amount of newly added quoteToken and the current wallet balance of quoteToken in the Exchange contract. However, since anyone ca...

6.8AI score
Exploits0
Rows per page
Query Builder