-
kutugu
high
# A malicious user can attack keeper run out of gas by cancel_dca_order
## Summary
- The protocol allows users to create a large number of orders without conditions, only check allowan…
-
# Lines of code
https://github.com/code-423n4/2023-07-basin/blob/c1b72d4e372a6246e0efbd57b47fb4cbb5d77062/src/Well.sol#L603
# Vulnerability details
## Impact
In the well.sol contract, the `externa…
-
# Lines of code
https://github.com/code-423n4/2023-06-stader/blob/main/contracts/StaderOracle.sol#L679
# Vulnerability details
## Impact
MEV Bot can sandwich the exchange rate update transactions…
-
# Lines of code
https://github.com/code-423n4/2023-10-brahma/blob/main/contracts/src/core/SafeDeployer.sol#L56-L255
# Vulnerability details
## Impact
Any console account or sub account deployment …
-
In this build, as I understand it, the bot can only capture and analyze transactions? He can't react to them to buy/sell?
txhash=0xe93542b719b6c9b7de4627ab9743df946964c9b63f25c05dcaa5ec4247476ba2 s…
-
rvierdiiev
high
# Attacker can frontrun SubaccountFactory.newSubaccount and steal user funds
## Summary
Because `SubaccountFactory.newSubaccount` creates account using `create` function, that means…
-
# Lines of code
https://github.com/code-423n4/2023-08-goodentry/blob/71c0c0eca8af957202ccdbf5ce2f2a514ffe2e24/contracts/TokenisableRange.sol#L143-L155
https://github.com/code-423n4/2023-08-goodentry/…
-
J4de
medium
# `JUSDBank.sol#_calculateLiquidateAmount` user can front-run liquidate 1 token to prevent others from liquidating
## Summary
`JUSDBank.sol#_calculateLiquidateAmount` user can front-ru…
-
# Lines of code
https://github.com/GenerationSoftware/pt-v5-prize-pool/blob/4bc8a12b857856828c018510b5500d722b79ca3a/src/PrizePool.sol#L434-L436
https://github.com/GenerationSoftware/pt-v5-vault/blob…
-
# Lines of code
https://github.com/code-423n4/2023-04-caviar/blob/cd8a92667bcb6657f70657183769c244d04c015c/src/PrivatePool.sol#L211
https://github.com/code-423n4/2023-04-caviar/blob/cd8a92667bcb6657f…