2 matches found
The increaseTotalValidatorActiveCount in PermissionedPool incorrectly adds requiredValidators instead of validatorToDeposit
Lines of code Vulnerability details Impact When the Stader Stake Pools Manager calls stakeUserETHToBeacon chain, it does so calculating the requiredValidators that can be added to the pool. The function internally also uses the allocateValidatorsAndUpdaterOperatorId to compute each operator's...
Attacker can frontrun user bid with wrong lotId and create the lot with that lotId, forcing the user to take a big loss
Lines of code Vulnerability details Impact User takes a huge loss by getting 1 SD token, but bidding an amount possibly much bigger. Attackers are incetivized to perform this if they are ETHx holders and want to increase the value of their tokens. Proof of Concept When a user adds a bid to the...