New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Investigate vulnerability to double-entry point tokens #912

Closed

EndymionJkb opened this issue Aug 20, 2024 · 1 comment · Fixed by #1057

Collaborator

EndymionJkb commented Aug 20, 2024

Per TOB-BALV3-8:

Some proxied tokens have multiple addresses. If a token with multiple
addresses is used in the Vault, this token can be drained by calling the settle function since the reserves accounting of the Vault assumes a token only has a single address associated with it.

Celo is such a token. We had a reentrancy issue in v2 with double-entry tokens; is there anything we can do beyond documenting it?

Contributor

jubeira commented Oct 16, 2024

Let's just close this one after this is clearly documented; we won't support these.

EndymionJkb mentioned this issue

Document unsupported (and deprecated) token types #1057

Merged

10 tasks

EndymionJkb closed this as completed in #1057

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment