3 matches found
Centralization risk
Lines of code Vulnerability details Impact MANAGERADMIN can set a very high value for minimumRedeemAmount which will ensure that all attempt to redeem amount simply fails Proof of Concept 1. User A wants to redeem amount 100000 using the requestRedemption function 2. Before User A can do so,...
redeemFresh does not work
Lines of code Vulnerability details Impact The CNote contract uses the CToken contract's redeemFresh function to perform redeem operations. However, since the CNote contract does not hold note tokens, the getCashPrior returns 0 and is less than the redeemAmount, causing the redeemFresh function t...
User could lose underlying tokens when redeeming from the IdleYieldSource
Handle shw Vulnerability details Impact The redeemToken function in IdleYieldSource uses redeemedShare instead of redeemAmount as the input parameter when calling redeemIdleToken of the Idle yield source. As a result, users could get fewer underlying tokens than they should. Proof of Concept When...