5 matches found
repay(), liquidate() and liquidateWLp() receive shares as argument, which may revert if from approval to tx settled blocks have passed
Lines of code Vulnerability details Impact repay, liquidate and liquidateWLp transactions revert if users approve the exact repay amount they need in the frontend and only after some blocks have passed is the transaction settled. This happens because the interest accrual is by timestamp, so the...
Some tokens may revert when zero value transfers are made
Lines of code 356, 371, 145, 272, 252, 116, 445, 374, 506, 488https://github.com/Tapioca-DAO/tap-token-audit/blob/59749be5bc2286f0bdbf59d7ddc258ddafd49a9f/contracts/options/TapiocaOptionBroker...
Constant product formula is not maintained in deposit() and withdraw() functions.
Lines of code Vulnerability details Impact As constant product formula is not followed, during deposit/withdraw, actualReserves - both actual NFT and BaseToken are updated but virtualReserves are not updated. This could lead to incorrect price deviation for the trader, most reverting their...
Wrong Deadline
Lines of code Vulnerability details the deadline is the timestamp after which the transaction will revert. the goal of this field is that the caller can set a deadline for the transaction so the transaction will not succeed in any arbitrary time in the future, and after this deadline, they can...
Withdrawing ETH collateral with max uint256 amount value reverts transaction
Lines of code Vulnerability details Impact Withdrawing ETH collateral via the withdrawCollateral function using typeuint256.max for the amount parameter reverts the transaction due to asset being the zero-address and IERC20Detailedasset.decimals not working for native ETH. Proof of Concept...