3 matches found
M-05 Unmitigated
Lines of code Vulnerability details Mitigation of M-05: Issue NOT mitigated Mitigated issue M-05: Reward sandwiching in VotiumStrategy The issue was that exposure to the benefits of the VotiumStrategy might be unfairly time-weighted. There were two aspects mentioned: voting power and rewards. I d...
Attacker can extract value from pool by sandwiching herself at swapAll during close
Lines of code Vulnerability details Attacker can drain the lending pool by leveraging two facts: 1. swapAll allows 1% slippage 2. There is no Health Factor check after close. Alice and Bob are good friends, the steps are in one single tx: 1. Alice deposits 10000 USDT and borrows 7000$ worth of TR...
Upgraded Q -> M from #316 [1670230229509]
Judge has assessed an item in Issue 316 as M risk. The relevant finding follows: compound in AutoPxGmx can be called by anyone and can be sandwiched if a poorly chosen amountOutMinimum is used. The idea is to call the function often by adding an incentive to the caller. There is a problematic...