Lucene search
K

4 matches found

Code423n4
Code423n4
added 2023/04/03 12:0 a.m.8 views

MuteAmplifier.rescueTokens() checks the wrong condition for muteToken

Lines of code Vulnerability details Impact There will be 2 impacts. The reward system would be broken as the rewards can be withdrawn before starting staking. Some rewards would be locked inside the contract forever as it doesn't check totalReclaimed Proof of Concept rescueTokens checks the below...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/03/30 12:0 a.m.6 views

A staker might be still be able to stake after staking is over.

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. A staker might be still be able to stake after staking is over. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrate...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/03/09 12:0 a.m.10 views

Risk of flashloan attacks in the Staking contract

Lines of code Vulnerability details Impact An attacker can steal a large amount of rewardsToken from the Staking contract by using flashloans, thus all the users will receive less rewards for their staked amounts. Proof of Concept In the Staking contract any user can stake a given amount of...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/05/08 12:0 a.m.19 views

Users Can Prevent Excess Tokens From Being Withdrawn By The Pool Creator In withdrawExcessRewards()

Lines of code Vulnerability details Impact Because pools will likely never be fully utilised by stakers while active, the following assumption in withdrawExcessRewards can be broken by preventing any receipt withdrawal: requirepool.totalDepositsWei == 0, 'Cannot withdraw until all deposits are...

6.9AI score
Exploits0
Rows per page
Query Builder