Lucene search
K

12 matches found

Code423n4
Code423n4
โ€ขadded 2023/10/04 12:0 a.m.โ€ข6 views

Users can use flashloans to get higher share of accrued token

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Users' vtoken balance is one of the factors to determine their score. Malicious users can just use some flashloan services that offer these vtokens to boost their balance temporarily, hence boosting the...

7.2AI score
Exploits0
Code423n4
Code423n4
โ€ขadded 2023/10/04 12:0 a.m.โ€ข11 views

updateScore() is vulnerable to flashloan manipulation

Lines of code Vulnerability details Impact vToken.balanceOfuser can be manipulated by dong some flash loan of vToken. Proof of Concept A flash loan attack is a type of exploit that takes advantage of the fact that flash loans are uncollateralized and do not require a credit check. In a flash loan...

7AI score
Exploits0
Code423n4
Code423n4
โ€ขadded 2023/10/04 12:0 a.m.โ€ข7 views

User scores can be wrong due to wrong scaling of the Capital.

Lines of code Vulnerability details Impact In the prime.sol contract, the function CalculateScore is used to calculate and scale the capital using 1e18 as the SCALEFACTOR. The capital is then used to call CalculateScore in Score.sol to calculate the score. The problem here is that using 1e18 as t...

6.9AI score
Exploits0
Code423n4
Code423n4
โ€ขadded 2023/05/15 12:0 a.m.โ€ข12 views

VToken mint -- Inflation attack

Lines of code Vulnerability details Impact The token could be impacted by an inflation attack. Proof of Concept At present, vToken is still susceptible to the well-known ERC4626 'Inflation Attack'. This vulnerability allows the total asset count to be inflated by making donations. This means that...

6.7AI score
Exploits0
Code423n4
Code423n4
โ€ขadded 2023/05/15 12:0 a.m.โ€ข9 views

Borrower can redeem there collateral without repaying debt completely

Lines of code Vulnerability details Impact A borrower can redeem token in a pool though it has been used as a collateral in another pool without repaying the debt. Borrower can redeem the token as underlying asset even if his/her loan position is in the situation of liquidation. Proof of Concept...

6.9AI score
Exploits0
Code423n4
Code423n4
โ€ขadded 2023/05/15 12:0 a.m.โ€ข7 views

MALICIOUS BORROWER CAN DELAY THE Comptroller.liquidateAccount() TRANSACTION BY REPAYING ONE OF HIS BORROWED ASSET SO THAT repayAmount > borrowBalance WILL OCCUR FOR THAT BORROWED ASSET, THUS REVERTING THE TRANSACTION

Lines of code Vulnerability details Impact In the Comptroller.liquidateAccount function, the liquidation orders are executed by calling the forceLiquidateBorrow function and setting the skipLiquidityCheck to true. Hence during the check for the preLiquidateHook, in the VToken.liquidateBorrowFresh...

6.8AI score
Exploits0
Code423n4
Code423n4
โ€ขadded 2023/05/15 12:0 a.m.โ€ข12 views

totalBorrows is not deducted properly when Comptroller#healAccount is called

Lines of code Vulnerability details Impact TotalBorrowed in VToken is not accounted properly when healAccount is called. Proof of Concept ComptrollerhealAccount intends to forgive the debt of the account if the debt goes far too underwater. When that happens, the collateral is seized, some of the...

6.7AI score
Exploits0
Code423n4
Code423n4
โ€ขadded 2023/05/15 12:0 a.m.โ€ข9 views

Every time borrow, the interest is treated as a loan to calculate the interest

Lines of code Vulnerability details Impact File: VToken.sol 896 uint256 accountBorrowsPrev = borrowBalanceStoredborrower; 897 uint256 accountBorrowsNew = accountBorrowsPrev + borrowAmount; After each loan, the original interest will be converted into the loan amount. This can cause interest to...

6.8AI score
Exploits0
Code423n4
Code423n4
โ€ขadded 2023/05/15 12:0 a.m.โ€ข23 views

When borrowRateMantissa is higher than the limit value, VToken contract will be DOS

Lines of code Vulnerability details Impact File: VToken.sol 678 function accrueInterest public virtual override returns uint256 --skip-- 695 uint256 borrowRateMantissa = interestRateModel.getBorrowRatecashPrior, borrowsPrior, reservesPrior; 696 requireborrowRateMantissa borrowRateMaxMantissa. Thi...

6.8AI score
Exploits0
Code423n4
Code423n4
โ€ขadded 2023/05/15 12:0 a.m.โ€ข12 views

totalBorrows inflates faster than the sum of each position's debt

Lines of code Vulnerability details Impact File: VToken.sol 678 function accrueInterest public virtual override returns uint256 --skip-- 710 Exp memory simpleInterestFactor = mulExp mantissa: borrowRateMantissa , blockDelta; 711 uint256 interestAccumulated = mulScalarTruncatesimpleInterestFactor,...

6.8AI score
Exploits0
Code423n4
Code423n4
โ€ขadded 2023/05/15 12:0 a.m.โ€ข12 views

mint and burn can be attacked by sandwiches

Lines of code Vulnerability details Impact The rewards of mint and burn are calculated based on the ratio of uTokenincluding debt and vToken, so it can be sandwiched by attackers. Proof of Concept Tools Used manual Recommended Mitigation Steps It is recommended to add the minimum receiving quanti...

6.9AI score
Exploits0
Code423n4
Code423n4
โ€ขadded 2021/12/21 12:0 a.m.โ€ข13 views

A vault can be locked from MarketplaceZap and StakingZap

Handle p4st13r4 Vulnerability details Impact Any user that owns a vToken of a particular vault can lock the functionalities of NFTXMarketplaceZap.sol and NFTXStakingZap.sol for everyone. Every operation performed by the marketplace, that deals with vToken minting, performs this check:...

6.8AI score
Exploits0
Rows per page
Query Builder