-
LowK
medium
# Initialization of an ERC721Pool contract can be frontrun
## Summary
An ERC721Pool contract uses an initialize function instead of a constructor to init states of the contract. However…
-
# Lines of code
https://github.com/Tapioca-DAO/tapioca-bar-audit/blob/2286f80f928f41c8bc189d0657d74ba83286c668/contracts/markets/singularity/Singularity.sol#L440-L459
# Vulnerability details
## Im…
-
# Lines of code
https://github.com/code-423n4/2023-10-ethena/blob/main/contracts/EthenaMinting.sol#L162-L187
# Vulnerability details
## Proof of Concept
From the [docs](https://ethena-labs.gitbook…
-
squeaky_cactus
medium
# `SingleSidedLPVaultBase.emergencyExit` can be reverted by a front running withdrawal under certain conditions
## Summary
All the leveraged vaults share the same `emergencyEx…
-
# Lines of code
https://github.com/code-423n4/2023-11-kelp/blob/f751d7594051c0766c7ecd1e68daeb0661e43ee3/src/oracles/ChainlinkPriceOracle.sol#L17
# Vulnerability details
`ChainlinkPriceOracle` fet…
-
feelereth
high
# frontrunning vulnerability in the code between calling update() and _update().
## Summary
The issue is that between calling update() and _update(), there is a window where the state…
-
# Lines of code
https://github.com/code-423n4/2023-11-kelp/blob/main/src/oracles/ChainlinkPriceOracle.sol#L37-L39
https://github.com/code-423n4/2023-11-kelp/blob/main/src/oracles/ChainlinkPriceOracle…
-
# Lines of code
https://github.com/code-423n4/2023-12-autonolas/blob/2a095eb1f8359be349d23af67089795fb0be4ed1/tokenomics/contracts/Treasury.sol#L505-L521
# Vulnerability details
## Impact
- `Trea…
-
https://github.com/morpho-labs/morpho-blue-bundlers/blob/eb0694ec4871a1f386bb0cee9e112516e4c8c875/contracts/ERC4626Bundler.sol#L46
To change the approval for USDT we must first approve to 0 then in…
-
Right now we have the following pattern:
https://github.com/morpho-labs/morpho-blue-bundlers/blob/3036d49e2e680084fad0cbf0609d990e2034406c/contracts/migration/AaveV3MigrationBundler.sol#L30-L34
…