5 matches found
RDPX price manipulation benefit for attacker via a Flashloan attack
Lines of code Vulnerability details Impact As the RdpxV2Core contract burns RDPX tokens, a malicious attacker can benefit from a price manipulation attack using a flashloan attack Proof of Concept The function bond in the RdpxV2Core contract is a primary function to enter the protocol and bond...
Incorrect price precision in RdpxV2Core
Lines of code Vulnerability details Impact The core contract expects the price oracle to return 1e8 precision, but its actually 1e18. This will cause heavily incorrect results from all usages of the price. Proof of Concept The RdpxV2Core.getRdpxPrice function is meant to return 1e8 precision:...
Users can redeem rDpx they haven't deposited
Lines of code Vulnerability details Impact This can lead to loss of funds for the protocol Proof of Concept In the redeem function of PerpetualAtlanticVaultLP, rdpx amount to send to the user is calculated in addition to the Weth and there is no check for if the user actually owns the rdpx. asset...
getLpPriceInEth and getRdpxPriceInEth return prices in 1e18 decimals, but we use it as 1e8 decimals
Lines of code Vulnerability details Impact Wrong decimals/price if we use RdpxEthOracle.sol as the oracle. Proof of Concept rdpx/eth oracle is not in the scope of this audit, so we can assure they are correct and only check if we use the API right. According to...
the perpetualVaultLP.sol is vulnable by flashloan attack
Lines of code Vulnerability details impact The perpVaultLp contract is susceptible to a flash loan attack. An attacker can exploit the vulnerability by executing flash loan transactions using both the deposit and redeem functions. This allows the attacker to acquire extra rdpx tokens and increase...