Lucene search
K

25 matches found

Code423n4
Code423n4
added 2023/11/15 12:0 a.m.10 views

First deposit of 1 Wei will block further rsETH minting

Lines of code Vulnerability details Impact If the initial deposit in the DepositPool is 1 wei of any supported token rETH, cbETH, or stETH, 1 wei of rsETH will be minted for the first depositor. However, subsequent rsETH minting will be prevented because the rsethAmountToMint will always round do...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/11/15 12:0 a.m.10 views

Users could game oracle price deviation

Lines of code Vulnerability details Summary Prices returned from Chainlink oracles have different conditions to update the reported values, which can be abused by Impact Prices for the different LST assets supported in the Kelp protocol are obtained from a Chainlink oracle. The data feeds for eac...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/09/27 12:0 a.m.9 views

Users can deposit() even when Chainlink's price feed for CVX is stale

Lines of code Vulnerability details Bug Description In VotiumStrategy.sol, the price of vAfEth is determined by the price function: VotiumStrategy.solL31-L33 function price external view override returns uint256 return cvxPerVotium ethPerCvxfalse / 1e18; As seen from above, it calls ethPerCVX wit...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/09/07 12:0 a.m.18 views

Price Manipulation Through Vulnerability in simulateRange Function

Lines of code Vulnerability details Impact The simulateRange function, although designed for simulation and testing purposes, could potentially be exploited in a sandwich attack scenario. A malicious actor could front-run a user's transaction by using a flash loan to manipulate the price,...

6.6AI score
Exploits0
Code423n4
Code423n4
added 2023/08/07 12:0 a.m.59 views

Check for the L2 Sequencer's uptime when calling the Chainlink feed is not implemented

Lines of code Vulnerability details Impact The getAnswer function in the LPOracle and OracleConvert contracts has a vulnerability that does not include a check for the Sequencer's uptime when calling the Chainlink feed CLTOKENA, CLTOKENB. In Layer 2 L2 systems, the Chainlink oracle may return an...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/03/09 12:0 a.m.9 views

Lottery owner can rig the draw to win the jackpot by swapping the source

Lines of code Vulnerability details Lottery owner can rig the draw to win the jackpot by swapping the source Impact The lottery owner has the ability to swap the Random Source under certain cirumstances, and this can be exploited to set a new source contract that returns any number set by it. Thi...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/12/09 12:0 a.m.6 views

Dangerous casting from i256 to u256 of the price returned by the Chainlink oracle

Lines of code Vulnerability details Impact Referring to the docs, Chainlink oracles are returning the price as an int256, which means that the answer can be a negative price. Later, this price is casted as an uint256 in the case of an oracle that is set, which overflows when price 0. Any price...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/12/09 12:0 a.m.10 views

Decimals of the oracle is not checked

Lines of code Vulnerability details Impact Decimals of the Chainlink oracle is not checked, it is assumed to have the same unit as BASECURRENCYUNIT but it might not always be the case. If the oracle use a different number of decimals all the price will be wrong by magnitudes. Proof of Concept...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/10/30 12:0 a.m.13 views

Protocol's usability becomes very limited when access to Chainlink oracle data feed is blocked

Lines of code Vulnerability details Impact Based on the current implementation, when the protocol wants to use Chainlink oracle data feed for getting a collateral token's price, the fixed price for the token should not be set. When the fixed price is not set for the token, calling the Oracle...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/09/19 12:0 a.m.9 views

PegOracle.sol#L59 : Issue with "price1" calculation.

Lines of code Vulnerability details Impact The calculated price1 could be negative or outdated one. This could affects the codes places wherever the latestRoundData is used to determine the price. one of the place is in Controller.solL261 - function getLatestPriceaddress token Proof of Concept...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/06/29 12:0 a.m.10 views

No authentication for SimplePriceOracle

Lines of code Vulnerability details Impact Anyone can call setUnderlyingPrice on the SimplePriceOracle to set the oracle values. These are in turn used for the interest calculations, meaning anyone can manipulate this calculation via the Oracle. Note that SimplePriceOracle in Compound is only...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/05/07 12:0 a.m.10 views

Deprecated Chainlink oracle API

Lines of code Vulnerability details Impact Deprecated Chainlink oracle API. API might stop working. Prices could be outdated. Protocol might need to be redeployed or false prices might lead to users losing funds. Proof of Concept The contracts use Chainlink’s deprecated API latestAnswer. Such...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/05/07 12:0 a.m.10 views

Oracle Prices Could Be Stale Or Manipulated due to latestAnswer() call

Lines of code Vulnerability details Impact In calls to the Chainlink oracle, the deprecated API function latestAnswer is used. This approach is vulnerable to price manipulation and stale prices according to the Chainlink documentation. This vulnerability was marked as Medium severity in the...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/04/21 12:0 a.m.10 views

Chainlink oracle data can be stale

Lines of code Vulnerability details Impact Oracle data can be stale which can lead to wrong calculations for balancing indexes. Proof of Concept When lastRoundData is called only price is pulled from the provided data. RoundId should be checked to ensure the data is updated. Recommended Mitigatio...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/04/19 12:0 a.m.15 views

Chainlink oracle might return stale data

Lines of code Vulnerability details Impact Oracle might return stale data for basePrice and quotePrice. Proof of Concept refreshedAssetPerBaseInUQ in ChainlinkPriceOracle.sol does not check if the data from Chainlink is fresh . If there is a problem with the Chainlink oracle, this contract may be...

7AI score
Exploits0
Code423n4
Code423n4
added 2022/04/13 12:0 a.m.22 views

use of deprecated chainlink oracle method

Lines of code Vulnerability details Impact latestanswer , this method does not error if no answer has been reached, it will simply return 0, since we have checks in function requireanswer 0, "invalidoracleanswer"; we may not get the latest value of current price which can affect the functionality...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/02/23 12:0 a.m.9 views

No check for stale chainlink oracle data in getUnderlyingPrice function

Lines of code Vulnerability details No check for stale chainlink oracle data in getUnderlyingPrice function Impact There is no check if the value of answer returned by chainlink latestRoundData is latest or stale. If stale price is returned, it may result in wrong calculation used in upstream...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/02/23 12:0 a.m.19 views

Improper Validation Of Chainlink's latestRoundData() Function

Lines of code Vulnerability details Impact The calls to the latestRoundData function do not validate the output of the Chainlink oracle query. As a result, it is possible to use stale results when returning the TWAP price. latestRoundData is able to ensure the round is complete and has returned a...

7AI score
Exploits0
Code423n4
Code423n4
added 2021/12/13 12:0 a.m.13 views

PriceOracle Does Not Filter Price Feed Outliers

Handle leastwood Vulnerability details Impact If for whatever reason the Chainlink oracle returns a malformed price due to oracle manipulation or a malfunctioned price, the result will be passed onto users, causing unintended consequences as a result. In the same time it's possible to construct...

7AI score
Exploits0
Code423n4
Code423n4
added 2021/11/15 12:0 a.m.14 views

Newly Registered Assets Skew Consultation Results

Handle leastwood Vulnerability details Impact The TwapOracle.consult function iterates over all token pairs which belong to either VADER or USDV and then calculates the price of the respective asset by using both UniswapV2 and Chainlink price data. This helps to further protect against price...

7AI score
Exploits0
Rows per page
Query Builder