4 matches found
share underflow in getPoolReward()
Lines of code Vulnerability details Impact It is important to draw attention to an issue that, while out of scope, can lead to a complete loss of funds on the contract and, therefore, seems significant. The configurePools function allows setting an arbitrary, unrestricted daoTax, which can result...
Infinite mint via points underflow (in scope)
Lines of code Vulnerability details Impact Due to unchecked math in the withdrawLP function, a user can trigger an underflow in their points and infinitely increase their rewards. The problem exists in several places. Problem 1. The configureTimelockOptions function allows setting...
Closing an unexisting credit can overflow the credit count variable in the LineOfCredit contract
Lines of code Vulnerability details The LineOfCredit contract doesn't verify if a credit exists and is properly initialized when closing it, and will update its state anyway, leading to an inconsistent count. Impact The close function in the LineOfCredit contract doesn't check if the given credit...
routerBalances[msg.sender][_local] can be inflated in repayAavePortal due to underflow in unchecked math
Lines of code Vulnerability details function repayAavePortal address local, uint256 backingAmount, uint256 feeAmount, uint256 maxIn, bytes32 transferId external uint256 totalAmount = backingAmount + feeAmount; // in adopted uint256 routerBalance = s.routerBalancesmsg.senderlocal; // in local //...