-
# Handle
cmichel
# Vulnerability details
The `ConstantProductPool.flashSwap` function disallows using the same tokens for `tokenIn` and `tokenOut`.
Therefore, flashloans cannot be used.
## Impact…
-
# Handle
0xsanson
# Vulnerability details
## Impact
The `flashswap` function in IndexPool.sol doesn't fulfill its function. Indeed it should transfer tokens to the users before they need to pay ba…
-
# Handle
GreyArt
# Vulnerability details
### Impact
The `require(_reserve0 > 0, "POOL_UNINITIALIZED");` checks in `swap()` and `flashSwap()` are redundant because the swaps would fail if `_reserv…
-
# Handle
cmichel
# Vulnerability details
The `IndexPool.swap/flashSwap` functions don't check that `tokenIn != tokenOut`.
## Impact
It does not lead to an exploit but should still be prevented.
…
-
## Prerequisites
- [x ] I have searched the [issues](https://github.com/aave/aave-ui/issues) of this repository and believe that this is not a duplicate.
## Current Behavior 😯
W…
-
# Handle
cmichel
# Vulnerability details
The `TridentRouter.addLiquidityLazy` function acts as if the `mint` function has a callback, like `flashSwap`, but this is not true for any of the pools.
…
-
# Handle
0xsanson
# Vulnerability details
## Impact
In HybridPool's `flashSwap` function there's a transfer to `barFeeTo`
```js
_transfer(tokenIn, fee, barFeeTo, false);
```
Here `fee = (amountIn …
-
# Handle
0xsanson
# Vulnerability details
## Impact
In HybridPool's `flashSwap` function there's a transfer to `barFeeTo`
```js
_transfer(tokenIn, fee, barFeeTo, false);
```
Here `fee = (amountIn …
-
# Handle
gpersoon
# Vulnerability details
## Impact
The function batch() of TridentHelper.sol only allows one occurance of one of the functions exactInputSingle or exactInputSingleWithNativeToken.…
-
# Handle
defsec
# Vulnerability details
## Impact
In a nutshell, public and external differs in terms of gas usage. The former use more than the latter when used with large arrays of data. This i…