6 matches found
CVE-2025-57247
The BATBToken smart contract address 0xfbf1388408670c02f0dbbb74251d8ded1d63b7a2, Compiler Version v0.8.26+commit.8a97fa7a contains incorrect access control implementation in whitelist management functions. The setColdWhiteList and setSpecialAddress functions in the base ERC20 contract are declare...
Depository.sol#L291 : Lack of slippage protection when deposit tokens in exchange for a bond from a specified product
Lines of code Vulnerability details Impact Lack of slippage protection for an user from minting the OLAs for the given token amount. When the price fluctuation is high, user would suffer with huge loss. Proof of Concept Depository contract would be used to create a product and for a particular...
changeRegistries() from the Tokenomics contract changes different registries at the same time.
Lines of code Vulnerability details Impact In a case where either one of the agent, component or service registry are deprecated, attempting to replace the compromised registry necessitates an overall replacement of all the other registries. This not only utilizes excess gas but can also bring...
A MALICIOUS USER CAN FRONT RUN AND EXECUTE THE Tokenomics.initializeTokenomics TRANSACTION TO BECOME THE OWNER OF THE Tokenomics CONTRACT
Lines of code Vulnerability details Impact The Tokenomics.initializeTokenomics is an external function which can be called by anyone, Since there is no access control. Hence a malicious user can front-run the valid initialization transaction and become the owner of the Tokenomics contract. This i...
Potential inaccurate calculation of maxBond and effectiveBond in case of delayed call to checkpoint()
Lines of code Vulnerability details Impact The checkpoint function in the Tokenomics contract is responsible for recording global data when a new epoch starts. This function contains a potential issue when the checkpoint function is not called exactly at the end of an epoch that finishes very clo...
In tokenomics,sol, anyone can become admin and can at the same time alter the values of all input paramaters of the initializeTokenomics() function.
Lines of code Vulnerability details Impact This bug report is about a lack of access control checks on initializeTokenomics functions used to configure the protocol during the deployment. An attacker could exploit this vulnerability by front-running the deployment process and call...