4 matches found
Integer Overflow or Wraparound
Overview @openzeppelin/confidential-contracts is a Smart Contract library for use with confidential coprocessors Affected versions of this package are vulnerable to Integer Overflow or Wraparound in the wrap and onTransferReceived functions used by the ERC7984 contract. An attacker can cause user...
GHSA-HQF9-8XV5-X8XW ERC7984ERC20Wrapper: once a wrapper is filled, subsequent wrap requests do not revert and result in loss of funds.
Impact The ERC7984 contract tracks total supply using a confidential euint64 value. If a call to the internal mint function would result in the total supply overflowing, the call fails silently. The wrap and onTransferReceived functions in ERC7984ERC20Wrapper assume that mint won't fail silently...
ERC7984ERC20Wrapper: once a wrapper is filled, subsequent wrap requests do not revert and result in loss of funds.
Impact The ERC7984 contract tracks total supply using a confidential euint64 value. If a call to the internal mint function would result in the total supply overflowing, the call fails silently. The wrap and onTransferReceived functions in ERC7984ERC20Wrapper assume that mint won't fail silently...
PT-2026-3200
Impact The ERC7984 contract tracks total supply using a confidential euint64 value. If a call to the internal mint function would result in the total supply overflowing, the call fails silently. The wrap and onTransferReceived functions in ERC7984ERC20Wrapper assume that mint won't fail silently...