8 matches found
The protocol is susceptible to reentrancy attacks.
Lines of code Vulnerability details Reentrancy is a well know bug in smart contract and the protocol is not handling it, The safeMint function in ERC721 make a callback to the receiver checking if they can hold a nft, this can be used to a receiver to take control of the execution of the call. in...
Staking period reset to zero
Lines of code Vulnerability details Impact The claim function checks if the user has staked 1,000 XVS for 100 days and then sets stakedAtmsg.sender = 0.Meaning, it sets the staked period for that certain user to zero. Then,it calls the mint function.The mint function then checks if the user alrea...
A malicious user can avoid unfavorable score updates after alpha/multiplier changes, resulting in accrual of outsized rewards for the attacker at the expense of other users
Lines of code Vulnerability details Note All functions/properties referred to are in the Prime.sol contract. Impact A malicious user can accrue outsized rewards at the expense of other users after updateAlpha or updateMultipliers is called. Proof of Concept An attacker can prevent their score fro...
Insufficient Input Validation Leading to Excessive Token Burn.
Lines of code Vulnerability details Impact This vulnerability allows a malicious user to redeem an amount of cash tokens that is less than the minimum redemption amount or more than the user's actual balance. This bug can be considered as a high severity bug, as it allows an attacker to burn an...
Upgraded Q -> M from #234 [1668465995897]
Judge has assessed an item in Issue 234 as M risk. The relevant finding follows: 1.LBToken: In the burn function, beforeTokenTransfer uses incorrect from and to. Burning tokens should be transferred to 0 address. Proof of Concept Recommended Mitigation Steps beforeTokenTransfer account, address0,...
Some users won't be able to burn their crowdfund token to get their voting power
Lines of code Vulnerability details Impact User which is a contract who doesn't have a receive function can't burn his token to get the governance power, because ethOwed ether are transferred to him. This is correct even if ethOwed is 0. Tools Used Manual audit Recommended Mitigation Steps Consid...
Everyone can burn principal token of any other user
Lines of code Vulnerability details Impact Everyone can burn principal token of any other user. It is very critical that you may lost your principal token anytime without any permission. Proof of Concept // Burn the prinicipal token from Illuminate token.burno, amount; function redeem uint8 p,...
Basket.handleFees() (contracts/Basket.sol#110-129) performs a multiplication on the result of a division
Handle 0xalpharush Vulnerability details Impact Users can burn tokens and evade fees by backrunning other transactions that result in handleFee being called. Proof of Concept Following another transaction that results in lastFee being updated, an attacker can call burn and withdraw their tokens...