
022.md

Tame Foggy Pony

High

Combo of cancelling an order + modifying an order allows for a protocol drain

Summary

No response

Root Cause

Not clearing the order mapping upon cancelling an order

Internal pre-conditions

No response

External pre-conditions

No response

Attack Path

  1. Bob creates an order for 100 tokens
  2. Bob cancels his order, receiving 100 tokens back
  3. Bob modifies his order by withdrawing up to the minimum deposit amount; this works because the order mapping is not cleared when the order is cancelled

Impact

Protocol drain

PoC

No response

Mitigation

Clear the mapping upon cancelling an order
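
The root cause and mitigation above, sketched as an added example (not the audited protocol's code, which this report does not show). The contract, its function names, `MIN_DEPOSIT` and the single-order-per-address layout are assumptions made for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

// Hypothetical order book; every name here is illustrative.
contract OrderBookSketch {
    IERC20 public immutable token;
    uint256 public constant MIN_DEPOSIT = 1e18; // assumed minimum an open order must keep
    mapping(address => uint256) public orderAmount; // the "order mapping"

    constructor(IERC20 _token) { token = _token; }

    function createOrder(uint256 amount) external {
        require(orderAmount[msg.sender] == 0, "order exists");
        require(amount >= MIN_DEPOSIT, "below minimum");
        orderAmount[msg.sender] = amount;
        require(token.transferFrom(msg.sender, address(this), amount), "transfer failed");
    }

    // Shape of the root cause: the refund is paid but the mapping entry stays,
    // so modifyOrder() still sees a funded order after cancellation.
    function cancelOrderVulnerable() external {
        uint256 amount = orderAmount[msg.sender];
        require(amount != 0, "no order");
        require(token.transfer(msg.sender, amount), "transfer failed");
    }

    // Mitigation: clear the entry before the external call (checks-effects-interactions).
    function cancelOrder() external {
        uint256 amount = orderAmount[msg.sender];
        require(amount != 0, "no order");
        delete orderAmount[msg.sender];
        require(token.transfer(msg.sender, amount), "transfer failed");
    }

    // Withdraw part of an open order, keeping at least MIN_DEPOSIT in it.
    // After cancelOrder() the entry is zero, so this reverts with "no order".
    function modifyOrder(uint256 withdrawAmount) external {
        uint256 current = orderAmount[msg.sender];
        require(current != 0, "no order");
        require(withdrawAmount <= current - MIN_DEPOSIT, "below minimum");
        orderAmount[msg.sender] = current - withdrawAmount;
        require(token.transfer(msg.sender, withdrawAmount), "transfer failed");
    }
}
```

A regression test for the fix would create an order, cancel it, and assert that a subsequent `modifyOrder` call reverts and the contract's token balance is unchanged.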