Closed sherlock-admin closed 1 year ago
Avci
medium
this implementation have high risk of funds loss for protocol if just value calculated wrong or manipulated
reservedFunds -= value;
will cause funds lost
https://github.com/sherlock-audit/2023-01-derby/blob/main/derby-yield-optimiser/contracts/MainVault.sol#L216
Manual Review
consider checking the value before sub logic from reservedFunds
Avci
medium
this implementation have high risk of funds loss for protocol if kust value calculated wrong or manipulated
Summary
this implementation have high risk of funds loss for protocol if just value calculated wrong or manipulated
Vulnerability Detail
Impact
will cause funds lost
Code Snippet
https://github.com/sherlock-audit/2023-01-derby/blob/main/derby-yield-optimiser/contracts/MainVault.sol#L216
Tool used
Manual Review
Recommendation
consider checking the value before sub logic from reservedFunds