9 matches found
Malicious DepositBase may stole dust fund from ReceiverImplementation
Lines of code Vulnerability details Impact Malicious DepositBase may stole dust fund from ReceiverImplementation Proof of Concept // @dev This function is used for delegate by DepositReceiver deployed above // Context: msg.sender == AxelarDepositService, this == DepositReceiver function...
Refund Address can forcefully receive WETH
Lines of code Vulnerability details Impact In AxelarDepositService.sol , the refundAddress could forcefully receive WETH instead of the refundToken when calling any of the 3 functions refundTokenDeposit , refundNativeDeposit and refundNativeUnwrap. This is possible by due to // Allowing only the...
No Storage Gap for Upgradeable Contract Might Lead to Storage Slot Collision
Lines of code Vulnerability details Impact For upgradeable contracts, there must be storage gap to "allow developers to freely add new state variables in the future without compromising the storage compatibility with existing deployments" quote OpenZeppelin. Otherwise it may be very difficult to...
No storage gap for Upgradable contract might lead to storage slot collision
Lines of code Vulnerability details Impact For upgradeable contracts, there must be storage gap to “allow developers to freely add new state variables in the future without compromising the storage compatibility with existing deployments” quote OpenZeppelin. Otherwise it may be very difficult to...
selfdestruct will be banned after "The Purge" phase of ethereum merge. DepositReceiver may be broken. Any interaction between AxelarDepositService may result in the loss of fund.
Lines of code Vulnerability details Impact selfdestruct will be banned after "The Purge" phase of ethereum merge. DepositReceiver may be broken. Any interaction between AxelarDepositService may result in the loss of fund. Since AxelarDepositService that deal with native token is highly associated...
Not calling approve(0) before setting a new approval causes the call to revert when used with some tokens
Lines of code Vulnerability details Not calling approve0 before setting a new approval causes the call to revert when used with Tether USDT Impact Some tokens like USDT do not work when changing the allowance from an existing non-zero allowance value it will revert if the current approval is not...
AxelarDepositService: When wrappedToken is not weth, sendNative may cause users to lose ether.
Lines of code Vulnerability details Impact In the sendNative function of the AxelarDepositService contract, the wrappedToken address is treated as weth-like and the wrappedToken's deposit function is called. If the wrappedToken address is TokenType.External token and is not weth-like and the...
Anyone can receive tokens
Lines of code Vulnerability details Impact As long as there is token balance or WETH in ReceiverImplementation contract, anybody can receive tokens or weth by making a call to AxelarDepositService.nativeUnwrap with their address as recipient Tools Used Manual review Recommended Mitigation Steps...
Attacker can steal all the wrapped tokens, ether or native currency contained in the ReceiverImplementation contract
Lines of code Vulnerability details Impact since all the functions in the ReceiverImplemention are all designed to be called by DepositBase and AxelarDepositService, why not create a simple modifer to check if msg.sender equals either of the two when a delegatecall or call occurs, like so modifie...