3 matches found
UserManager: updateLockedData() doesn't check that the amount is actually locked.
Handle itsmeSTYJ Vulnerability details Impact The function updateLockedData does not actually check if the amount required to be locked is actually locked. Proof of Concept Same solution as my other high issue. I've added comments where relevant. function updateLockedData address borrower, uint25...
UserManager: updateLockedData() locks more amount than required.
Handle itsmeSTYJ Vulnerability details Impact The function updateLockedData calls creditLimitModel.getLockedAmount which is executed in a for loop with amount passed as an argument. This means that all stakers that are staking on behalf of the borrower are asked to lock amount . If I wanted to lo...
Wrong implementation of CreditLimitByMedian.sol#getLockedAmount() makes it unable to unlock lockedAmount in CreditLimitByMedian model
Handle WatchPug Vulnerability details function getLockedAmount LockedInfo memory array, address account, uint256 amount, bool isIncrease public pure override returns uint256 if array.length == 0 return 0; uint256 newLockedAmount; if isIncrease ... else for uint256 i = 0; i amount newLockedAmount ...