Lucene search
K

5 matches found

Code423n4
Code423n4
added 2023/07/28 12:0 a.m.9 views

Incorrect accounting in GSC approval mechanism in ArcadeTreasury

Lines of code Vulnerability details Impact Once the GSC has approved a spender for a certain amount of tokens, any further attempt to modify this approval will result in inaccessible treasury funds. Proof of Concept Currently every call to gscApprove results in the gscAllowance decreasing which...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/05/11 12:0 a.m.9 views

ExtraordinaryFunding may fail due to a decrease in the treasury funds due to a StandardFunding new distribution round

Lines of code Vulnerability details Impact Users could spend gas and possibly other off chain resources voting on an ExtraordinaryFunding proposal which would later revert when executing. Proof of Concept If an ExtraordinaryFunding proposal requests an amount of tokens between 48.5% and 50% of th...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/05/11 12:0 a.m.6 views

It is possible to steal the unallocated part of every delegation period budget

Lines of code Vulnerability details Attacker can monitor the standard proposals distribution and routinely steal each low activity period remainder by submitting a transfer to self proposal and voting a dust amount for it. Since the criteria for the final slate update is that any increase in tota...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/05/11 12:0 a.m.10 views

Extraordinary Funding proposal could be susceptible back-run

Lines of code Vulnerability details Impact An extraordinary proposal can be proposed, voted on, and executed within a single transaction, in the same block. As a result, an attacker with enough voting power to meet the conditions on their own could back-run a transaction to steal funds from the...

6.5AI score
Exploits0
Code423n4
Code423n4
added 2022/08/15 12:0 a.m.10 views

Bad access control in AdminRole.sol can lead to griefing DoS by front-running when trying to withdraw treasury funds

Lines of code Vulnerability details Proof of concept FoundationTreasury.sol inherits CollateralManagement.sol which has the method function withdrawFundsaddress payable to, uint256 amount external onlyAdmin that can withdraw the whole balance of the treasury to the to address. It can be called on...

7.1AI score
Exploits0
Rows per page
Query Builder