5 matches found
DoS of the staking functionality due to the check of minimum total supply
Lines of code Vulnerability details Impact The StakedUSDe contract can be accidentally blocked if the all shares will be redeemed before the VESTINGPERIOD end. The checkMinShares function will then revert for any eligible deposits. The same result will be in case of asset transferring to the...
In DestinationBridge:rescueTokens function the owner can steal user tokens
Lines of code Vulnerability details Summary In the rescueToken function, it opens the door to potential insecurity for user funds because it lacks additional conditions specifying which types of tokens or under what conditions the onlyOwner can use this function. The function looks like: / @notic...
Upgraded Q -> 2 from #44 [1680620528235]
Judge has assessed an item in Issue 44 as 2 risk. The relevant finding follows: Low 1 RescueTokens doesn't have checks for fee0 & fee1 tokens. Admin might accidentally withdraw fee tokens that are supposed to be for the stakers: --- The text was updated successfully, but these errors were...
MuteAmplifier.rescueTokens() should check conditions for fee tokens(token0/token1) as well
Lines of code Vulnerability details Impact rescueTokens can be used to withdraw fee tokens without any validations. As a result, the reward logic would be broken due to the lack of fee tokens. Proof of Concept rescueTokens doesn't validate anything for the fee tokens. So if some fee tokens were...
Logic for RescueTokens is incorrect for muteTokens
Lines of code Vulnerability details Proof of Concept The logic for RescueTokens doesn't take into account the reward remainders. I wanted to write a POC but I'm in a bit of a time crunch. So, imagine the following situation: totalRewards = 100, and staker A, B the only stakers staked for the firs...