YieldNest – Back-running the rewards transfer The attacker acquires rewards that are generated by other users’ capital. Vulnerability Details An attacker can unfairly gain by back-running the transfer with rewards […]
Secure Private Key Management for DApps Clear instructions and best security practices to ensure the secure usage of private keys for smart contract management. Why does private key require more […]
ERC-4626: Easy To Understand Essentials This article covers the basics of ERC4626. Take a helicopter view of how it works and what are the main security concerns that need […]
Web3 Founder: 5 questions that help improve security for FREE Learn five essential questions every Web3 founder should ask themselves to increase the security of their project without incurring additional costs. By addressing these […]
Renzo – Inability to deposit funds due to incorrect filling the withdraw buffer Under specific conditions, user deposits will always revert. Vulnerability Details When a user deposits funds through RestakeManager, the function checks the withdraw buffer and […]
Renzo – users will suffer from other projects LST price fluctuations Holders of wBETH and other tokens that will be accepted by Renzo can compensate for their losses resulting from price drop (e.g. slashing) using […]
Renzo – Enabling stETH deposits causes miscalculations and permanent losses for users as rebase tokens are not supported Loss of capital of users who withdraw stETH. Their LST rewards will be miscalculated. Vulnerability Details The general questions section in the readme.md states […]
Mento – Voting power remains despite withdrawal Full withdrawals do not decrease user voting power when the Locking contract is stopped. Vulnerability Details Under specific conditions, the owner may stop the […]
Tapioca – OFT can be impersonated through _lzCompose with multiple compose messages This vulnerability allows anyone to make a cross-chain calls with multiple compose messages, and execute the messages (all except the first one) as the […]
