Lucene search
+L

4 matches found

Code423n4
Code423n4
added 2021/05/19 12:0 a.m.12 views

delegatedTransferERC20() on line 442 of Visor.sol, able to get locked erc20 tokens

Handle Sherlock Vulnerability details Impact Because of getBalanceLocked not returning the full sum of the balances, if you have the approval you are able to transfer locked erc20 tokens. Proof of Concept Tools Used Hardhat Recommended Mitigation Steps Calculate balance using balance.add...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/05/19 12:0 a.m.5 views

timeUnlockERC20() on line 619 of Visor.sol, able to unlock locked erc20 tokens

Handle Sherlock Vulnerability details Impact Because of getBalanceLocked not returning the full sum of the balances, you can unlock tokens that are locked. Even if the amount balanceaddressthis. You can just transfer tokens to the contract. With a flashloan like structure. Proof of Concept...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/05/19 12:0 a.m.7 views

getBalanceLocked on line 202 of Visor.sol doesn't return the total balance, just the highest balance

Handle Sherlock Vulnerability details Impact Causes some internal miscalculations allowing people to take out locked funds using timeUnlockERC20 and delegatedTransferERC20 Proof of Concept Tools Used Hardhat Recommended Mitigation Steps Calculate balance using balance.add lockData.balance on line...

7AI score
Exploits0
Code423n4
Code423n4
added 2021/05/19 12:0 a.m.10 views

timelockERC721Keys could exceed the block size limit

Handle Sherlock Vulnerability details Impact On line 504 of Visor.sol, looping through the timelockERC721Keys could exceed the block size limit Proof of Concept N/A Tools Used Hardhat Recommended Mitigation Steps Transfer by index instead of token ID --- The text was updated successfully, but the...

6.9AI score
Exploits0
Rows per page
Query Builder