7 matches found
ERC721 tokens are blocked in rdpxV2Core contract
Lines of code Vulnerability details The admin has the right to recover an ERC721 token in the UniV3LiquidityAMO contract. He needs to call recoverERC721 and provide the tokenAddress and tokenid values, where the token with tokenid will be transferred to the rdpxV2Core contract...
Well.sol#removeLiquidityImbalanced - Handling Excess Reserves in removeLiquidityImbalanced Function to Prevent Unnecessary Reverts
Lines of code Vulnerability details Impact The removeLiquidityImbalanced function in the Well.sol contract is vulnerable to a potential underflow. This could disrupt the contract's functionality and prevent users from removing liquidity in an imbalanced manner. Furthermore, the function does not...
Inconsistent check for LP balance in AMO
Lines of code Vulnerability details Inconsistent check for LP balance in AMO While pulling LP tokens from the CVXStaker contract, the AMO queries the current available balance using the staked balance, which is inconsistent with the implementation of the withdraw function. Impact Curve LP tokens...
refundETH has no access control and be called repeatedly or Can be Front runned to steal WETH funds from Contract
Lines of code Vulnerability details Impact The function refundETH has no access control and called be called anyone resulting in a loss of WETH funds if address0 is entered as the recipient for removeLiquidity Proof of Concept Consider the scenario if bob calls removeliquidity which returns WETH...
Yield of LiquidityReserve can be stolen
Lines of code Vulnerability details Impact Using sandwich attacks and JIT Just-in-time liquidity, the yield of LiquidityReserve could be extracted for liquidity providers. Proof of Concept The yield of LiquidityReserve is distributed when a user calls instantUnstakeReserve in Staking. Then, in...
Slippage protection
Handle pauliax Vulnerability details Impact functions buyMalt and sellMalt, and removeLiquidity have no slippage protection and addLiquidity hardcodes it to 5%: 0, // amountOutMin Mempool snipers can profit from that by monitoring the chain and sandwiching these functions. Now it is left for the...
Anyone can remove liquidity
Handle jayjonah8 Vulnerability details Impact In UniswapHandler.sol, anyone can call the removeLiquidity function stealing all the lp tokens in the contract even if they never added liquidity in the first place since the function simply credits the msg.sender with the entire lp token balance of t...