vulnerability
Brahma.Fi's L2 position handler contains a sign confusion bug in positionInWantToken() that miscalculates position value when the account is underwater, treating negative account values as positive funds. This leads to incorrect share calculations during deposits/withdrawals, fee overcharges, and potential protocol insolvency through user exploitation.
sign-confusion
position-value-miscalculation
accounting-error
protocol-insolvency
l2-security
perpetual-protocol
leverage-trading
fund-loss
withdrawal-exploit
fee-manipulation
underwater-position
clearing-house
solidity
Brahma.Fi
PerpV2Controller
PerpTradeExecutor
Perpetual Protocol
Optimism
0x1b6BF7Ab4163f9a7C1D4eCB36299525048083B5e