Git-Mirrors/blockchains-security-toolkit
1
0
Fork 0
mirror of https://github.com/autistic-symposium/blockchains-security-toolkit.git synced 2025-08-02 19:36:18 -04:00
Code Issues Projects Releases Packages Wiki Activity

fix typos

Browse source
This commit is contained in:
omahs 2024-12-08 07:50:27 +01:00 committed by GitHub
parent b8418464bb
commit 74fb071a54
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 2 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

4
advanced_expert/attack_reviews/top_immunefi_vulnerabilities/enzyme.md
View file

@ -6,7 +6,7 @@
<br> <br>
* Using a flashloan from `IdleTokenGovernance.sol` affected the `totalSupply` fo the Idle tokens, which was used to calculate the price of the token. * Using a flashloan from `IdleTokenGovernance.sol` affected the `totalSupply` of the Idle tokens, which was used to calculate the price of the token.
* Price calculations were based on the `totalNav / totalSupply` of the tokens. * Price calculations were based on the `totalNav / totalSupply` of the tokens.
* It's worth noting the initial Idle Token integration was with v4, which did not have any flashloan logic. That was later added in v5, thus unintentionally introducing a bug into Enzyme's Finance protocol. * It's worth noting the initial Idle Token integration was with v4, which did not have any flashloan logic. That was later added in v5, thus unintentionally introducing a bug into Enzyme's Finance protocol.
@ -50,7 +50,7 @@
### PoC ### PoC
1. Fund malicious contract with WETH to be able to swap it later for USDC to pay for a flashloan. 1. Fund malicious contract with WETH to be able to swap it later for USDC to pay for a flashloan.
2. Make a flashloan of IdleUSCDYield tokens. This will in fact, affect GAV calculations. 2. Make a flashloan of IdleUSDCYield tokens. This will in fact, affect GAV calculations.
3. During a flashloan, call `buyShares`. As GAV calculations are affected, we are buying shares at a discount now. 3. During a flashloan, call `buyShares`. As GAV calculations are affected, we are buying shares at a discount now.
4. Repay flashloan. 4. Repay flashloan.
5. Call `redeemShares` to sell all the bought shares of Idle fund for a profit. 5. Call `redeemShares` to sell all the bought shares of Idle fund for a profit.