4 matches found
Ineffective TWAV Implementation
Lines of code Vulnerability details Background The current TWAV implementation consists of an array of 4 observations/valuations called twavObservations. Whenever, the new valuation is updated, the new cumulative valuation will be appended to the twavObservations array and the oldest...
Issue with TWAV calculation.
Lines of code Vulnerability details Impact To calculate time weighted average value, current valuation is used. This is not appropriate way to decide the TWAV while other locations considers only time. This might not be the stable one. Proof of Concept uint256 currentValuation =...
TWAV can be attacked by flash loan
Lines of code Vulnerability details Impact updateTWAV can be flash loaned. Hacker may pay the flash loan fee for 4 blocks then execute the attack after that. Proof of Concept function updateTWAVuint256 valuation, uint32 blockTimestamp internal uint32 timeElapsed; unchecked timeElapsed =...
Transition notBoughtOut -> boughtOut -> notBoughtOut possible because of updateTWAV
Lines of code Vulnerability details Impact Because rejectBuyout uses the TWAV, which is time-weighted and updateTWAV can be called, it is possible that notBoughtOut is true at first, then boughtOut is true, and then notBoughtOut is true again. See Proof of Concept for how one can construct such a...