-
# Lines of code
https://github.com/code-423n4/2023-11-kelp/blob/main/src/LRTOracle.sol#L88
# Vulnerability details
## Impact
Assuming the protocol is in a emergency state or is compromised (worst…
-
# Lines of code
https://github.com/code-423n4/2023-11-kelp/blob/main/src/oracles/ChainlinkPriceOracle.sol#L38
# Vulnerability details
## Impact
Use of deprecated function latestAnswer(), the API m…
-
# Lines of code
https://github.com/code-423n4/2023-11-kelp/blob/main/src/oracles/ChainlinkPriceOracle.sol#L38
# Vulnerability details
## Proof of Concept
According to the Chainlink documentation (…
-
# Lines of code
https://github.com/code-423n4/2023-11-kelp/blob/c5fdc2e62c5e1d78769f44d6e34a6fb9e40c00f0/src/LRTDepositPool.sol#L212-L215
# Vulnerability details
## Impact
The `DEFAULT_ADMIN_ROLE`…
-
# Lines of code
https://github.com/code-423n4/2023-11-kelp/blob/c5fdc2e62c5e1d78769f44d6e34a6fb9e40c00f0/src/LRTDepositPool.sol#L159-L176
# Vulnerability details
## Description
This vulnerability …
-
# Lines of code
https://github.com/code-423n4/2023-11-kelp/blob/f751d7594051c0766c7ecd1e68daeb0661e43ee3/src/NodeDelegator.sol#L74-L90
# Vulnerability details
## Impact
The staker could silently l…
-
# Lines of code
https://github.com/code-423n4/2023-11-kelp/blob/main/src/oracles/ChainlinkPriceOracle.sol#L37-L39
# Vulnerability details
## Summary
The Chainlink oracle is used to get the token p…
-
# Lines of code
https://github.com/code-423n4/2023-11-kelp/blob/main/src/LRTDepositPool.sol#L71
https://github.com/code-423n4/2023-11-kelp/blob/main/src/LRTOracle.sol#L52
# Vulnerability details
*…
-
# Lines of code
https://github.com/code-423n4/2023-11-kelp/blob/f751d7594051c0766c7ecd1e68daeb0661e43ee3/src/LRTDepositPool.sol#L95-L110
# Vulnerability details
## Impact
*This issue persists reg…
-