3 matches found
totalWethDelegated does not decrease in withdraw can cause DOS
Lines of code Vulnerability details Impact The accounting for total weth delegated increases when adding, but not withdrawing. This allows anyone to inflate this value by repeatedly adding and withdrawing. This again will cause DOS of the bonding mechanism. Proof of Concept RdpxV2Core.addToDelega...
Attacker can DOS the sync function of RdpxV2Core which will brick critical functionality
Lines of code Vulnerability details Impact The sync function of the RdpxV2Core contract is critical for ensuring that the cached balances of the tokens in the contract are up to date. For example, all of the AMO logic involves sending tokens directly to the RdpxV2Core contract, meaning there's no...
The Rdpx V2 Core contract functionality blocking
Lines of code Vulnerability details Impact The RdpxV2Core contract functionality can be blocked as long as the contract WETH balance is less than totalWethDelegated. This can happen even without malicious activities. Proof of Concept The sync function of the RdpxV2Core contract has a special...