Submission Details
Severity: high
transferFrom function can fail silently leading to wrong pool.poolBalance. An attacker can become lender and remove or borrow the tokens without sending any funds to the contract for lending.
Prize pool breakdown
Total prize
20,000 USDC
nSLOC
70628 USDC / LOC
High Medium
18,000 USDC
Low
2,000 USDC
Live
The contest is live. Earn rewards by submitting a finding.
Appeals
This is your time to appeal against judgements on your submissions.
Appeals Review
Appeals are being carefully reviewed by our judges.