Lucene search
K

6 matches found

Code423n4
Code423n4
added 2023/07/03 12:0 a.m.14 views

distributeRewards can revert because of the too strict slippage check

Lines of code Vulnerability details Impact The report highlights that the distributeRewards function can revert due to a strict slippage check. The provided proof of concept demonstrates the issue, where the slippage is set to 98%, leading to potential transaction failures. Proof of Concept...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/03/30 12:0 a.m.11 views

WstEth.withdraw() improper implementation of slippage check

Lines of code Vulnerability details Impact In the current implementation of withdraw, the amount is not controlled by minOut. Impact: Users can get rekt. Proof of Concept function withdrawuint256 amount external onlyOwner IWStETHWSTETH.unwrapamount; uint256 stEthBal =...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/02/02 12:0 a.m.9 views

_mintFromAssets: no slippage check

Handle cmichel Vulnerability details The sNOTE.mintFromAssets function uses tokens to provide single-sided liquidity. In Balancer this is basically a combination of a swap to balanced amounts followed by providing balanced liquidity. Note that no slippage checks are used as mintOutputAmount is se...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/01/27 12:0 a.m.12 views

Pair creation can be denied

Handle cmichel Vulnerability details The LaunchEvent.createPair requires that no previous pool was created for the WAVAX token pair. function createPair external isStoppedfalse atPhasePhase.PhaseThree address wavaxAddress, address tokenAddress = addressWAVAX, addresstoken ; // @audit grief: anyon...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/12/01 12:0 a.m.17 views

Missing slippage/min-return check in UniswapHandler

Handle cmichel Vulnerability details The contracts are missing slippage checks which can lead to being vulnerable to sandwich attacks. A common attack in DeFi is the sandwich attack. Upon observing a trade of asset X for asset Y, an attacker frontruns the victim trade by also buying asset Y, lets...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2021/11/16 12:0 a.m.15 views

Improper implementation of slippage check

Handle WatchPug Vulnerability details function redeemIERC20 token, uint amount, uint poolId, int128 idx, uint minOut external defend blockLocked whenNotPaused returnsuint out ibbtc.safeTransferFrommsg.sender, addressthis, amount; Pool memory pool = poolspoolId; if poolId = minOut, "Slippage Check...

6.9AI score
Exploits0
Rows per page
Query Builder