9 matches found
Malicious code in dewi-kentang80-riris (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 36f3e53917ac713c4c0eb48da2f24470659971dd421b8ca44aee139b808c85f3 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
_harvest() performs market swaps without slippage control and is a subject to sandwich attacks
Lines of code Vulnerability details As a result trades happen at a manipulated price and end up receiving fewer tokens than current market price dictates. Placing severity to medium as impact here is a partial fund loss conditional only on big enough asset amount to be swapped: sandwich attacks a...
Reward token (auraBal) can be locked in the strategy
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. getRewardaddress account function of Aura Locker is an external function therefore can be called by anyone by passing in the address of strategy and transferring the rewards to the strategy. harvest...
ConvexMasterChef's deposit and withdraw can be reentered drawing all reward funds from the contract if reward token allows for transfer flow control
Lines of code Vulnerability details Reward token accounting update in deposit and withdraw happens after reward transfer. If reward token allows for the control of transfer call flow or can be upgraded to allow it in the future i.e. have or can introduce the beforetokentransfer, afterTokenTransfe...
ConvexMasterChef: When _lpToken is cvx, reward calculation is incorrect
Lines of code Vulnerability details Impact In the ConvexMasterChef contract, a new staking pool can be added using the add function. The staking token for the new pool is defined using the lpToken variable. However, there is no additional checking whether the lpToken is the same as the reward tok...
Reward Token Transfer Failure Can Lead to Loss of Deposit in PermissionlessBasicPoolFactory
Lines of code Vulnerability details Impact If transfer of any reward token returns False or reverts for whatever reason, users who deposited will not be able to withdraw their deposit. A malicious pool creator could abuse this to lock tokens from victims by using two reward tokens, one...
Not all ERC20 tokens return boolean on transfer
Lines of code Vulnerability details Impact Some ERC20 tokens do not conform to the standard of returning a boolean when transfer is called. If one of these tokens is included as a reward token, the withdraw function will be irrevocably broken, and users won't be able to collect their reward or...
claimRewards() didnt follow the safe check effect pattern
Judge @GalloDaSballo has assessed the 2nd item in QA Report 230 as Medium risk. The relevant finding follows: ⦠Impact a user can claim a reward by calling the claimRewards, however this function didnt follow the correct check effect pattern, where the zero address is set after making an external...
AbstractRewardMine.sol#setRewardToken is dangerous
Handle 0x0x0x Vulnerability details Impact In case the reward token is changed, totalDeclaredReward will be changed and likely equal to 0. Since userStakePadding and globalStakePadding are accumulated, changing the reward token will not reset those values. Thus, it will create problems...