2 matches found
A malicious user can steal a reserved token by using shift() function of Well.sol if the well was added liquidity unsafely with zero amount of the one of tokens.
Lines of code Vulnerability details Impact A malicious user can steal a reserved token by using shift function of Well.sol if the well was added liquidity unsafely with zero amount of the one of tokens. Proof of Concept Let's assume the well with WETH and USDC tokens. Currently totalSupply is zer...
# riskFund.poolReserves return the token amount & its compaired with the USD value (units are not same)
Lines of code Vulnerability details riskFund.poolReserves return the token amount & its compaired with the USD value units are not same poolReserves in RiskFund.sol returns the token amount. But its compaired with the incentivizedRiskFundBalance which is in USD value. Proof of Concept 403 uint256...