2 matches found
M-10 Unmitigated
Lines of code Vulnerability details Issue not mitigated About the problem There was unsafe cast in the getTier function and warden has stated, that in case if value will be bigger than uint96.max, then wrong prize amount will be used. Solution Pool together has increased Tier.prizeSize variable t...
User able to steal all votes escrowed in LockingVault due to downcasting
Lines of code Vulnerability details Even though the LockingVault is considered out of scope, it contains very serious vulnerability allowing anyone to steal ALL Arcade voting tokens. The vulnerability is possible due to downcasting amount to withdraw to uint96. In case that the amount of tokens...