8 matches found
CVXStaker.sol Unable to process newly add rewardTokens
Lines of code Vulnerability details Impact The lack of a mechanism to modify rewardTokens If convex adds new extraRewards CVXStaker.sol cannot transfer the added token Proof of Concept CVXStaker.sol will pass in rewardTokens in constructor and in getReward, loop this array to transfer rewardToken...
RewardTokens can be locked in MultiRewardStaking contract when the rewardsEndTimestamp of the rewardsTokens are different.
Lines of code Vulnerability details Impact To claim reward tokens from the MultiRewardStaking contract deployed, a user must call claimRewardsaddress user, IERC20 memory rewardsTokens. The rewardsTokens array is populated with getAllRewardsTokens which returns all the reward Tokens the...
MultiStakingReward.sol assumes all RewardTokens are in 18 decimal places
Lines of code Vulnerability details Impact Calculation of accrued rewards will be affected. Proof of Concept The function accrueRewards is called anytime rewards needs to be accrued. The variable supplyTokens is the total supply of the reward token. deltaIndex is calculated by taking the accrued ...
UpdateReward Modifier is brickable
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. The private variable RewardTokens is an unbounded list of addresses that the modifier updateReward loops over and updates the state variable rewardTokenInfo. The gas consumption can become increasingly...
Revert if too many rewardTokens in VE3DLocker
Lines of code Vulnerability details Impact There are a couple logic that iterate rewardTokens, which may run exceed block gas limit if there are too many rewardTokens, potentially freezing reward. Proof of Concept function setApprovals external for uint256 i; i function claimableRewardsaddress...
Unable to updateReward if there are too many rewardTokens
Lines of code Vulnerability details Impact If there are too many rewardTokens, updateReward might run exceed block gas limit and freeze fund since stake and withdraw have the updateReward modifier. Proof of Concept function addReward address rewardToken, address veAssetDeposits, address...
[WP-H9] _swapUniswapV2 may use an improper path which can cause a loss of the majority of the rewardTokens
Lines of code Vulnerability details function harvestuint256 minOutCurve external onlyRoleSTRATEGISTROLE convexConfig.baseRewardPool.getRewardaddressthis, true; //Prevent Stack too deep errors DexConfig memory dex = dexConfig; IERC20 memory rewardTokens = strategyConfig.rewardTokens; IERC20 weth =...
Creating rewardTokens without streaming depositTokens
Handle bitbopper Vulnerability details Impact stake and withdraws can generate rewardTokens without streaming depositTokens. It does not matter whether the stream is a sale or not. The following lines can increase the reward balance on a withdraw some time after stake: // accumulate reward per...