2 matches found
The user may lose the remaining tokens once the partial withdraw completed in processWithdraws() function. Unable to access the old withdrawalQueue once the queuedWithdrawalHead incremented
Lines of code Vulnerability details Impact User lose the tokens once partial withdraw completed. Proof of Concept function processWithdrawsuint256 count external override nonReentrant whenNotPaused"POOLPROCESSWITHDRAWS" assertqueuedWithdrawalHead + count - 1 nextQueuedWithdrawalId; for uint256 i ...
The design defect of the ActivePool rehypothecation mechanism, ReaperVaultV2 administrators have too much authority and have the conditions and motives to do evil, so make users lack trust in the ETHOS system (crisis of trust)
Lines of code Vulnerability details Impact In the design logic of the current system, ActivePool holds all the collaterals of active troves and deposits part of them in ReaperVaultV2 for re-mortgaging. If the deposit and withdraw functions of ReaperVaultV2 revert, Core functions such as borrowing...