5 matches found
Well.skim() TRANSACTION CAN BE FRONT RUN BY Well.sync() TRANSACTION THUS MAKING THE Well.skim() CALL INEFFECTIVE
Lines of code Vulnerability details Impact The Well.skim external function is used to transfer the excess tokens held by the well to teh recipient. This is done by calculating the differnce between the contract balance and the reserves for each of the tokens as shown below: skimAmountsi =...
Anyone can transfer any tokens balance of Payment contract
Lines of code Vulnerability details Impact Anyone can transfer any tokens balance of Payment contract Proof of Concept 1. Someone send some tokens to Payment contract 2. Attacker will call sweepToken with token = token address, amountMinimum = Token balance of Payment contract and recipient = any...
Wrong items length assertion in basic order
Lines of code Vulnerability details When fulfilling a basic order we need to assert that the parameter totalOriginalAdditionalRecipients is less or equal than the length of additionalRecipients written in calldata. However in prepareBasicFulfillmentFromCalldata this assertion is incorrect L346: /...
ConvexStakingWrapper does not update rewards state before transferring tokens
Handle kenzo Vulnerability details ConvexStakingWrapper saves data for reward calculation in dedicated variables for each user, such as reward.rewardintegralforaccount. These variables are not updated when transferring wrapped staked tokens. Please note that Convex's original ConvexStakingWrapper...
Hypervisor.stake does not transfer tokens
Handle cmichel Vulnerability details Vulnerability Details The Hypervisor's stake action states: token transfer: transfer staking tokens from msg.sender to vault But no tokens are ever transferred. Impact Anyone with a permission can lock any amount of tokens. Recommended Mitigation Steps Transfe...