2 matches found
Adversary can reenter mint to bypass max allowance.
Lines of code github.com/code-423n4/2023-10-nextgen/blob/main/smart-contracts/NextGenCore.solL189-L200 Vulnerability details Description MinterContract.mint calls NextGenCore.mint, which variables that accounts the amount of tokens each user minted is changed only after mintProcessing, that has a...
claimRewards is not re-entrancy safe.
Lines of code Vulnerability details Impact In MultiRewardStaking the function claimRewards doesn’t have nonReentrant which makes it possible to re-enter the function. If one of the reward tokens in ERC-777 token, it is possible to re-enter and claim the reward again and again until the contract i...