Lucene search
K

4 matches found

Code423n4
Code423n4
added 2023/03/30 12:0 a.m.9 views

sfrxETH.ethPerDerivative is incorrect, leading to incorrect minting amount of safETH

Lines of code Vulnerability details SafeETH.stake allows users to stake ETH and be minted an amount of safETH that corresponds to the ETH value of the derivatives that resulted from their deposit. The minting amount is based on: preDepositPrice, which is a function of the total safETH minted and...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/02/01 12:0 a.m.12 views

A malicious early user/attacker can manipulate the share price to take an unfair share of future users' deposits

Lines of code Vulnerability details Impact A malicious early user/attacker can manipulate the share price to take an unfair share of future users' deposits. The first minter can manipulate the supply of LP tokens and baseToken-fractional ratio, hindering small liquidity providers from interacting...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/11/28 12:0 a.m.19 views

Attackers can manipulate ERC4626 price per share to take an unfair share of future users

Lines of code Vulnerability details Impact The attacker can get funds from future users, and the future users will lose their funds. Proof of Concept A malicious early user can deposit with 1 wei of asset token and get 1 wei of shares. Then he/she can send 10000e18 - 1 of asset tokens and inflate...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/01/13 12:0 a.m.10 views

[WP-H36] Admin of the index pool can withdrawCredit() after applyCover() to avoid taking loss for the compensation paid for a certain pool

Handle WatchPug Vulnerability details In the current implementation, when an incident is reported for a certain pool, the index pool can still withdrawCredit from the pool, which in the best interest of an index pool, the admin of the index pool is preferred to do so. This allows the index pool t...

6.8AI score
Exploits0
Rows per page
Query Builder