ID:
tidal-finance-1125
100 pts
Platform:
Type:
Category:
Method:
Data Sources:
Polygon
Protocol
Insurance
Rewards - Bug Bounties
Extended Method:
Logic error in reward calculation allowing malicious user to take rewards generated from staking that they are not entitled to.
Days in Operation:
743
(2.04 Years)
100 pts each
Tidal Finance is a decentralized discretionary mutual cover protocol that offers the DeFi community the ability to hedge against the failure of any DeFi protocol or asset.
Whitehat Csanuragjain submitted a critical vulnerability in Tidal Finance to Immunefi. The vulnerability was a logic error that permitted a malicious user to claim more rewards from staking than they were entitled to. Approximately 300 million Tidal tokens were locked in the staking contract at the time. Since the trigger condition would require multiple requirements to meet during a claim and payout process, it is unclear how much could have been stolen with additional claims. Tidal Finance quickly patched the bug and paid out a $25,000 USDT bounty to the whitehat.
DISCLAIMER: While web3rekt has used the best efforts in aggregating and maintaining this database, this web site makes no representations or warranties with respect to the accuracy or completeness of its information and data herein, and specifically disclaim any implied warranties of merchantability or fitness for any particular purpose.
Under no circumstances, shall web3rekt be liable for any loss of profit or funds, any regulatory or governmental penalties, any legal costs, or any other commercial and non-commercial damages, including but not limited to special, incidental, consequential, or other damages from any or all usage of the data and information derived from this database.