8 matches found
Unlimited Global & User Withdrawal right after previous period ends and new period begins
Lines of code Vulnerability details Impact Checks for Global and User Withdraw Limit Per Period are missing for the first withdrawal request right AFTER period length expires and a new period begins. First withdrawal request amount after period length expires can be way higher than...
In WithdrawHook.hook(), withdraw limits can be bypassed.
Lines of code Vulnerability details Impact In WithdrawHook.hook, withdraw limits can be bypassed. As a result, users might withdraw more amount of the base token at a time than they should. Proof of Concept WithdrawHook.hook checks the withdraw limits like below. if lastGlobalPeriodReset +...
WithdrawHook doesn't check that userWithdrawLimitPerPeriod is less than globalWithdrawLimitPerPeriod
Lines of code Vulnerability details Impact WithdrawHook doesn't check that userWithdrawLimitPerPeriod is less than globalWithdrawLimitPerPeriod. It allows to user withdraw more then globalWithdrawLimitPerPeriod per period. Proof of Concept Function WithdrawHook.hook should not allow to withdraw...
user's funds lock and incorrect code behavior because users withdrawal amount won't get reset for all users in each userPeriodLength in WithdrawHook contract
Lines of code Vulnerability details Impact according to the comments in code: "Every time userPeriodLength seconds passes, the amount withdrawn for all users will be reset to 0" . but in current implementation only one of the users userToAmountWithdrawnThisPeriod value gets reset and this will...
limits are not correctly enforced in withdrawHook contract
Lines of code Vulnerability details Impact withdrawHook contract checks that inside a specified length of time only certain amount of withdrawal are possible per user and globally. But on every period reset the allowed withdraw limit check is missing. And a user can withdraw more that is allowed...
A whale user is able to cause freeze of funds of other users by bypassing withdraw limit
Lines of code Vulnerability details Description In Collateral.sol, users may withdraw underlying tokens using withdraw. Importantly, the withdrawal must be approved by withdrawHook if set: function withdrawuint256 amount external override nonReentrant uint256 baseTokenAmount = amount...
WithdrawHook.hook doesn't validate amount when lastUserPeriodReset + userPeriodLength < block.timestamp
Lines of code Vulnerability details Impact WithdrawHook.hook doesn't validate amount when lastUserPeriodReset + userPeriodLength block.timestamp. As result user can withdraw more than he is allowed. Proof of Concept Function WithdrawHook.hook should not allow users to withdraw more than is allowe...
Unsafe usage of ERC20 methods
Lines of code Vulnerability details There are many weird ERC20 tokens that don't follow the standard ERC20 interface. Depending on the ERC20 token, some transfer errors may result in passing unnoticed, or some successful transfers may be treated as failed. The current implementation assumes that...