3 matches found
Med: withdrawDETH is not functional for array lengths greater than one.
Lines of code Vulnerability details Description The withdrawDETH function is used in GiantSavETHVaultPool to burn user's LP tokens and grant them dETH. It loops over all input vaults and all input LPTokens, and for each one calls lpTokenETH.burnmsg.sender, amount; Before that, it uses...
Attackers can prevent the transfer of the highest-value Cosmos to Ethereum transactions
Lines of code Vulnerability details In order to ensure that profitable batches are eventually created we must avoid locking up the high fee 'good transactions' into obviously bad batches. To add to the difficulty we don't actually know what any token in this process is worth or what ETH gas costs...
AbstractRewardMine - Re-entrancy attack during withdrawal
Handle ScopeLift Vulnerability details Impact The internal withdraw method does not follow the checks-effects-interactions pattern. A malicious token, or one that implemented transfer hooks, could re-enter the public calling function such as withdraw before proper internal accounting was complete...