Lucene search
K

4 matches found

Code423n4
Code423n4
added 2022/06/24 12:0 a.m.12 views

Ineffective TWAV Implementation

Lines of code Vulnerability details Background The current TWAV implementation consists of an array of 4 observations/valuations called twavObservations. Whenever, the new valuation is updated, the new cumulative valuation will be appended to the twavObservations array and the oldest...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/06/24 12:0 a.m.11 views

Issue with TWAV calculation.

Lines of code Vulnerability details Impact To calculate time weighted average value, current valuation is used. This is not appropriate way to decide the TWAV while other locations considers only time. This might not be the stable one. Proof of Concept uint256 currentValuation =...

7AI score
Exploits0
Code423n4
Code423n4
added 2022/06/24 12:0 a.m.10 views

TWAV can be attacked by flash loan

Lines of code Vulnerability details Impact updateTWAV can be flash loaned. Hacker may pay the flash loan fee for 4 blocks then execute the attack after that. Proof of Concept function updateTWAVuint256 valuation, uint32 blockTimestamp internal uint32 timeElapsed; unchecked timeElapsed =...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2022/06/22 12:0 a.m.12 views

Transition notBoughtOut -> boughtOut -> notBoughtOut possible because of updateTWAV

Lines of code Vulnerability details Impact Because rejectBuyout uses the TWAV, which is time-weighted and updateTWAV can be called, it is possible that notBoughtOut is true at first, then boughtOut is true, and then notBoughtOut is true again. See Proof of Concept for how one can construct such a...

6.7AI score
Exploits0
Rows per page
Query Builder