Lucene search
+L

9 matches found

Code423n4
Code423n4
added 2023/01/27 12:0 a.m.12 views

Timeswap Options has no reentry check and is providing a set of flashloan with no fees

Lines of code Vulnerability details high-flashloan-provider @timeswap Impact In the file /package/v2-option/TimeswapV2Option.sol, There are a range of functions that has no Reentry check. As a consequence, when the contract call back msg.sender, an attacker can then reeentry in his own callee...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/01/27 12:0 a.m.9 views

Malicious lender can create pool imbalance by tricking V2 pool into accepting disproportionately large number of long tokens in exchange for short tokens

Lines of code Vulnerability details Impact Timeswap V2 Pool works on constant product AMM where the total long tokens & short tokens follow the equation total long total short = L. Any increase in short tokens caused by lenders has to be accompanied with a proportionate drop in long tokens to kee...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/01/27 12:0 a.m.14 views

Fee on transfer tokens will not behave as expected

Lines of code Vulnerability details Impact According to Whitepaper 1.1 Permissionless: "In Timeswap, liquidity providers can create pools for any ERC20 pair, without permission. It is designed to be generalized and works for any pair of tokens, at any time frame, and at any market state ... If fe...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/03/05 12:0 a.m.9 views

NPM Dependency confusion. Unclaimed NPM Package and Scope/Org

Lines of code Vulnerability details Impact I discovered an npm package and the scope of the package is unclaimed on the NPM website. This will give any User to claim that package and be able to Upload a Malicious Code under that unclaimed package. This results in achieving the Remote code executi...

7.5AI score
Exploits0
Code423n4
Code423n4
added 2022/01/09 12:0 a.m.11 views

timeswap testnet

Handle 0x1f8b Vulnerability details Error: java.lang.IndexOutOfBoundsException: Index: 204, Size: 45 --- The text was updated successfully, but these errors were encountered: All reactions...

7AI score
Exploits0
Code423n4
Code423n4
added 2022/01/09 12:0 a.m.9 views

timeswap testnet

Handle 0x6672 Vulnerability details Error: java.lang.IndexOutOfBoundsException: Index: 204, Size: 45 --- The text was updated successfully, but these errors were encountered: All reactions...

7AI score
Exploits0
Code423n4
Code423n4
added 2022/01/08 12:0 a.m.14 views

safeName() can revert causing DoS

Handle sirhashalot Vulnerability details Impact The safeName function, found in the SafeMetadata.sol contract and called in 4 Timeswap Convenience contracts in the name functions, can cause a revert. This could make the 4 contracts not compliant with the ERC20 standard for certain asset pairs,...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/01/08 12:0 a.m.10 views

safeSymbol() can revert causing DoS

Handle sirhashalot Vulnerability details Impact The safeSymbol function, found in the SafeMetadata.sol contract and called in 4 Timeswap Convenience contracts in the symbol functions, can cause a revert. This could make the 4 contracts not compliant with the ERC20 standard for certain asset pairs...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/01/05 12:0 a.m.20 views

vulnerability

Handle 0v3rf10w Vulnerability details In technical terms, Timeswap is an automated protocol based on the use of liquidity pools and implemented on the Ethereum blockchain. Users create liquidity pools with the participation of smart contracts. One pool is one marketplace providing exchange in a...

7.1AI score
Exploits0
Rows per page
Query Builder