-
-
See the markdown file with the details of this report [here](https://github.com/code-423n4/2024-03-pooltogether-findings/blob/main/data/Al-Qa-qa-Q.md).
-
Kose
high
# Because of missing slippage parameter, mintForToken() can be front-runned
## Summary
Missing slippage parameter in ```mintForToken()``` makes it vulnerable to front-run attacks and expo…
-
# Lines of code
https://github.com/code-423n4/2024-03-taiko/blob/f58384f44dbf4c6535264a472322322705133b11/packages/protocol/contracts/L1/gov/TaikoGovernor.sol#L6
https://github.com/code-423n4/2024-03…
-
**Is your feature request related to a problem? Please describe.**
Prevents MEV and Frontrunning bots from moving in and stealing the profit. Also prevents lost $ from failed transactions
**Descri…
-
# Lines of code
https://github.com/code-423n4/2023-05-ajna/blob/main/ajna-grants/src/grants/base/ExtraordinaryFunding.sol#L85-L92
https://github.com/code-423n4/2023-05-ajna/blob/main/ajna-grants/src/…
-
# Lines of code
# Vulnerability details
### Issue mitigated
### About the problem
Attacker can frontrun deployers with `setDrawManager` call in order to set wrong draw manager address.
I believe…
-
I am not sure we should keep the `arbitrary-send` detector, from experience it does not give any meaningful results most of the time.
We need to find how to improve its heuristics or remove it
-
# Lines of code
https://github.com/code-423n4/2024-01-salty/blob/53516c2cdfdfacb662cdea6417c52f23c94d5b5b/src/pools/Pools.sol#L90
# Vulnerability details
## Impact
The first depositor in the AMM …
-
santipu_
high
# DoS on liquidations when utilization rate is high
## Summary
When a position is liquidated, the liquidator seizes some (or all) of the borrower's assets in compensation for repayin…