-
itsabinashb
medium
# RioLRTDepositPool.sol::No check for whether the asset is ETH or not when poolBalanceShareValue >= shareRequested result no reduction from wei to gwei
## Summary
No check for wh…
-
mstpr-brainbot
medium
# AssetRegistry owner can be frontrunned when removing asset
## Summary
The AssetRegistry owner can remove an asset at any time, provided that certain checks are satisfied. On…
-
# Lines of code
https://github.com/code-423n4/2024-04-renzo/blob/519e518f2d8dec9acf6482b84a181e403070d22d/contracts/Bridge/L2/xRenzoDeposit.sol#L168-L191
https://github.com/code-423n4/2024-04-renzo/b…
-
# Lines of code
https://github.com/code-423n4/2024-04-renzo/blob/519e518f2d8dec9acf6482b84a181e403070d22d/contracts/Withdraw/WithdrawQueue.sol#L229
# Vulnerability details
## Impact
Holders of wBE…
-
iamandreiski
medium
# Lack of slippage parameters can affect the LRT / share amounts during deposits / withdrawals
## Summary
During both deposits and withdrawals, the amount that the user receive…
-
0xumarkhatab
medium
# M-6 Discrepencies in block.timestamp typecasting
## Summary
Block timestamp is typecasted differently in different parts of the code leading to inconsistency and potentially b…
-
0xumarkhatab
medium
# M-4 : Discrepancy in avs activation
## Summary
AVS Activation event can misguide off-chain users and services serving as core to the protocol.
## Vulnerability Detail
Inside A…
-
KiroBrejka
medium
# [M-3] - Incorrect function overriding
## Summary
`RioLRT::clock` and `RioLRT::CLOCK_MODE` should be overriding the `IERC6372::clock` and `IERC6372::CLOCK_MODE` from `OpenZeppeli…
-
FastTiger
medium
# The amount of time an asset price is considered stale is fixed.
## Summary
In ChainLinkPriceFeed.sol, The stalePriceDelay variable reflects the amount of time an asset price is c…
-
mstpr-brainbot
high
# ETH TVL can be double erased by `verifyBalanceUpdates`
## Summary
When users request withdrawals from EigenLayer, the withdrawals are bulked. Then, the rebalance is triggered,…