itsmetechjay
commented
1 year ago Raymond was helping test the submission form, so I'm closing this issue.
Closed c4-submissions closed 1 year ago
itsmetechjay
commented
1 year ago Raymond was helping test the submission form, so I'm closing this issue.
Lines of code
Vulnerability details
Lines of code
Vulnerability details
Comment
A vulnerability was previously identified within the Reserve Protocol, particularly in the CurveVolatileCollateral.sol contract where an attacker could exploit the system using a flash loan to trigger an undesirable state (IFFY/DISABLED) on the CurveVolatileCollateral, causing a potential sell-off of all the CurveVolatileCollateral assets. Following the notification, the sponsor took action by deleting the said file to mitigate the vulnerability. This report confirms the mitigation and outlines the specifics of the vulnerability, alongside the action taken by the sponsor.
Conclusion