3 matches found
Calling repay function sends less DOLA to Market contract when forceReplenish function is not called while it could be called
Lines of code Vulnerability details Impact When a user incurs a DBR deficit, a replenisher can call the forceReplenish function to force the user to replenish DBR. However, there is no guarantee that the forceReplenish function will always be called. When the forceReplenish function is not called...
[WP-H1] Debt can be repaid with a depegged underlyingToken, which can be exploited by arbitrageurs and drives the market price of alToken to match the worst depegged underlyingToken
Lines of code Vulnerability details function normalizeUnderlyingTokensToDebtaddress underlyingToken, uint256 amount internal view returns uint256 return amount underlyingTokensunderlyingToken.conversionFactor; function repayaddress underlyingToken, uint256 amount, address recipient external...
amount requires to be updated to contract balance increase (3)
Lines of code Vulnerability details Impact Every time transferFrom or transfer function in ERC20 standard is called there is a possibility that underlying smart contract did not transfer the exact amount entered. It is required to find out contract balance increase/decrease after the transfer. Th...