Lucene search
K

4 matches found

Code423n4
Code423n4
•added 2023/07/10 12:0 a.m.•12 views

Well.sol::skim() anyone can transfer excess funds to their account.

Lines of code Vulnerability details Description The skim is designed to transfer excess tokens held by the contract to a specified recipient. However, it lacks proper access control checks, allowing any user to initiate the transfer of excess tokens, regardless of ownership. This presents a...

7.1AI score
Exploits0
Code423n4
Code423n4
•added 2023/07/10 12:0 a.m.•15 views

Potential token duplication validation bypass

Lines of code Vulnerability details Impact Potential token duplication validation bypass Proof of Concept The loop statement in init function will check if there is duplicated token for a Well. function initstring memory name, string memory symbol public initializer ERC20Permitinitname;...

6.8AI score
Exploits0
Code423n4
Code423n4
•added 2022/09/08 12:0 a.m.•11 views

The skim function allows to withdraw tokens for any address

Lines of code Vulnerability details Impact Any address can call the skim function and remove tokens that are in excess of the reserves of those tokens. This would lead to the loss of token 0 and 1. Recommended Mitigation Steps You should have an access control so that only the factory, for exampl...

6.9AI score
Exploits0
Code423n4
Code423n4
•added 2022/09/08 12:0 a.m.•7 views

Reserves are not updated correctly

Lines of code Vulnerability details Impact Reserves are not updated on calling transfer function when dst is contract itself. This will lead to incorrect calculation of reserve0CumulativeLast and reserve1CumulativeLast which impacts the outcome prices returned by contract Proof of Concept 1. User...

6.8AI score
Exploits0
Rows per page
Query Builder