4 matches found
The owner is a single point of failure and a centralization risk
Lines of code 56, 109, 127, 172, 219, 250, 115, 131, 154, 116, 131https://github.com/Tapioca-DAO/tapiocaz-audit/blob/bcf61f79464cfdc0484aa272f9f6e28d...
Reentrancy vulnerability in SGLLendingCommon._removeCollateral
Lines of code Vulnerability details Impact This vulnerability could allow an attacker to withdraw collateral from the SGLLendingCommon contract without actually removing it. This could result in a loss of funds for the lender. Proof of Concept The SGLLendingCommon.removeCollateral function is...
Reentrancy vulnerability in SGLCommon._removeAsset
Lines of code Vulnerability details Impact The function SGLCommon.removeAsset is vulnerable to reentrancy attacks. Reentrancy occurs when a contract calls another contract, and the second contract calls back to the first contract before the first contract has finished executing. This can allow th...
BigBang liquidations causes YieldBox-tokens to be locked in contract
Lines of code Vulnerability details Impact When a position gets liquidated in BigBang the contract will receive YieldBox-assetId-tokens of which some are sent to the liquidator and penrose-fee-receiver. The rest will get stuck in the contract and cannot be claimed as fees in refreshPenroseFees...