Beginner FriendlyDeFiFoundry
100 EXP
View results
Submission Details
Severity: high
Valid

ERC20 operations not overwritten

Summary

All ERC20 operations are not overwritten and can be called by users, without using any other function of the contract.

Vulnerability Details

No ERC20 overwritten function in any contract of the protocol.

Impact

Misalignment between accounts balances in the Shelf contract and all the real movements

Tools Used

Manual review

Recommendations

Overwrite ERC20 transfer and transferFrom functions

Updates

Lead Judging Commences

n0kto Lead Judge
about 1 year ago
n0kto Lead Judge about 1 year ago
Submission Judgement Published
Validated
Assigned finding tags:

Transfer CrimeMoney break the protocol/bad account tracking

Support

FAQs

Can't find an answer? Chat with us on Discord, Twitter or Linkedin.