Vyper Code Issue Vulnerability
Vyper is the Pythonic smart contract language for EVM. A code issue vulnerability exists in Vyper version 0.3.10 and prior versions that stems from not disabling static and delegate calls...
ConsoleFallbackHandler.sol#simulate transaction cannot simulate transaction properly
Lines of code Vulnerability details Impact ConsoleFallbackHandler.sol does not use static call or delegate call Proof of Concept In the function / @dev Performs a delegatecall on a targetContract in the context of self. Internally reverts execution to avoid side effects making it static. Catches...
Unrestricted delegator contract deployment risks gas abuse; implement mitigations.
Lines of code Vulnerability details Impact deployProxyDelegatorIfNeeded deploys a new delegator contract if one does not exist. This could be abused to spam deploy many delegators and waste gas. Proof of Concept The issue with potentially spam deploying many delegator contracts occurs in the...
Same multiple values in source result in wrong withdrawal
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. If by mistake same delegate value is given multiple times to sources array then withdrawal is affected Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or a...
Delegate balance in getBalanceForDelegate can be manipulated by delegate sending ERC1155 tokens to the contract directly
Lines of code Vulnerability details Impact The contract is an ERC1155 contract that can receive tokens from delegates which might affect core protocol invariants through getBalanceForDelegate Proof of Concept function getBalanceForDelegate address delegate internal view returns uint256 return...
Same multiple delegate values result in wrong calculation of delegated votes
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. If by mistake same delegate value is given multiple times to targets array then delegation of votes is wrongly calculated. Proof of Concept Provide direct links to all referenced code in GitHub. Add...
Delegation transfer might become temporarily unavailable due to input format in _delegateMulti
Lines of code Vulnerability details Impact A user might mint a valid delegation token to a target delegate which cannot be transferred to another target delegate through processDelegation due to delegateMulti's extension of address type of data into the space of uint256. Proof of Concept As...
Multi-delegate system opens exploits: vote amplification, collusion, rapid alternation, obscuring bribes.
Lines of code Vulnerability details Impact Allowing votes to be spread across multiple delegates does potentially open up new attack vectors if not handled carefully. Some ways this could potentially be exploited: A delegator spreads their votes thin across many dummy delegates they control to...
Malicious code in component---src-pages-corporate-delegate-packages-js (npm)
Source: ghsa-malware 94743768fa45d297822cb222b29ce23ca1ef1e8fbbc617de5e13df7b8fc60700 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
MAL-2023-8271 Malicious code in corporate-delegate-packages (npm)
Source: ghsa-malware 177836844dbb30a41ac458ca968707ca386ae3dce8f06fc76b0cc7b9285a6518 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
No protection against conduit front-running
Lines of code Vulnerability details Impact A malicious conduit could front-run and prevent the transfer Proof of Concept The conduit is trusted to conduct the transferFrom in the resulting order. A malicious conduit could front-run and prevent the transfer. calculateOrderHash: This uses the condu...
Lack of access control lets anyone rescind any delegate token
Lines of code Vulnerability details Impact There is no access control for the function rescind, thus 1 it lets anyone rescind any token, whether they are the owner or not, and 2 the documentation does not adhere to the current implementation. Proof of Concept The documentation above the definition of...
delegate ID could differ from the expected order hash if the order hash was manipulated
Lines of code Vulnerability details Impact A malicious user could create an order hash that does not match the actual order data. When the delegate token is created, the actualDelegateId will be different than the requestedDelegateId calculated from the manipulated createOrderHash. But the check...
Impossible for the owner to change rights
Lines of code Vulnerability details Impact An escrowed token's rights can not be altered once it has been placed in escrow. When a user creates a delegate token and principal token, they set the rights. Rights such as "" and flashloan grant the ability to use the flashloan function. If the delega...
Incorrect delegate token URI in MarketMetadata.sol.
Lines of code Vulnerability details Impact Web3 logic may be error-prone due to the wrong delegate token URL. Proof of Concept In DelegateToken.tokenURL, MarketMetadata.delegateTokenURI is called. MarketMetadata.delegateTokenURI is as follows. File: MarketMetadata.sol 37: function...
flashloan() allows both owner and approver to call
Lines of code Vulnerability details Impact Allowing the borrower to borrow more than the current limit Proof of Concept As we can see, flashloan uses StorageHelpers.revertNotOperator to check if the msg.sender has permissions to call. function flashloanStructs.FlashInfo calldata info external...
The order of decreasing total stake for the old delegate and increasing for the new delegate could lead to issues if one reverts but not the other.
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept The potential issue is: decreaseTotalStake succeeds in decreasing the old delegate's stake increaseTotalStake reverts and does not increase the new delegate's stake This would incorrect...
Voters can vote on a single pool multiple times by redelegating
Lines of code Vulnerability details Impact Users should be able to have only one concurrent vote on a pool in GaugeController. When a user votes the weight of his vote is calculated using his userweight parameter and the slope and end time of his balance lock are used to calculate the bias for th...
A user can perform a Sybil attack to manipulate the gaugeController DAO
Lines of code Vulnerability details Impact When voteforgaugeweights is used, the contract only takes the user's slope at that exact time. There is no extra check mechanism in the protocol to control the user's delegated amount, and thus the slope, until the user uses voteforgaugeweights. So a user can use...
Decayed voting power can be restored by delegating to newer lock
Lines of code Vulnerability details Impact Delegation to a newer lock updates the slope and bias of the delegatee according to the new delegated amount and the longer lock time, which leads to the decayed voting power from the delegator's older lock being restored // @audit - slope and bias being updated according to...