Git-Mirrors/blockchains-security-toolkit
1
0
Fork 0
mirror of https://github.com/autistic-symposium/blockchains-security-toolkit.git synced 2025-08-03 11:56:22 -04:00
Code Issues Projects Releases Packages Wiki Activity
blockchains-security-toolkit/Top-Immunefi-Vulnerabilities/apwine.md
bt3gl 5bf2e1c2d2
Update apwine.md
2022-06-13 23:59:50 -07:00

976 B
Raw Blame History

APWine Incorrect Check of Delegations



  • The APWine protocol can be used to tokenize future yields.

  • APWine operates by storing Interest Bearing Tokens (IBT) or any other yield-bearing asset in a smart contract for a specified period of time and issuing Future Yield Tokens (FYT) in exchange.

  • Bug: in the PT tokens, one condition wasnt checked during the burn of those tokens which could lead to the theft of the yield from the protocol after the two periods, i.e. 6 months. (The condition is a if on an not address(0), which is called by a burn method).

  • The division of a yield-bearing asset into Principal Tokens (PTs) and Future Yield Tokens is the essential functionality of APWine. A users deposits to the protocol are represented by the PTs. At the start of each period, the APWine generates FYT from PTs in a 1:1 ratio.