3 matches found
depositAsset() does not check for slippage
Lines of code Vulnerability details Impact Prices are fetched from Chainlink but it is possible that the prices are stale due to to the fact that it is not checking for the freshness of the price or chainlink could be experiencing a crash event where it would return prices between a minimum and...
Time rounding can cause users to not be able to withdraw all the funds they are eligible for
Lines of code Vulnerability details Impact The time that has passed from the start of the vest is rounded down to the closest multiplication of claim.releaseIntervalSecs. The user can claim the funds for an interval only at the end of it. That means that users can't withdraw the funds for a part ...
function exercise might fail sporadically due to UI & transaction delays.
Lines of code Vulnerability details Impact The function exercise is checking for an exact match of msg.value for it to be successful. // check correct ETH amount was sent to pay the strike requiremsg.value == vault.currentStrike, "Incorrect ETH sent for strike"; There can be a time delay between...