69 matches found
REDUNDANT ERC1155 OCEAN TOKEN BALANCE UPDATE OF THE OceanAdapter CONTRACT COULD LEAD TO DoS OF THE Ocean._computeOutputAmount TRANSACTION
Lines of code Vulnerability details Impact The Ocean.computeOutputAmount function is used to compute the output amount of an output token when the input token and input token amount is given. The Ocean.computeOutputAmount function mutates the ERC1155 token ledger amounts for the primitives and al...
ERC721 and ERC1155 Reentrancy Guard is Incomplete and Wrongly Implemented
Lines of code Vulnerability details Impact Whether there is a ERC721 and ERC1155 Interaction clash or not, or if there is an inadequate transfer callback, all this would not matter as reversion would not occur due to absence of proper validation during wrap of ERC721 and ERC1155 in the Ocean.sol...
Ocean cannot _mintBatch() as onERC1155BatchRecieved() not implemeneted on the Ocean contract when batch transferring to itself
Lines of code Vulnerability details The comment @ Ocean L348 states: The Ocean never initiates ERC1155 Batch Transfers. This is untrue, note the following callstack: Ocean.doMultipleInteractions | Ocean.forwardedDoMultipleInteractions Ocean.doMultipleInteractions calls mintBatch @ L560...
_doMultipleInteractions - User can use more wrapped tokens than they own
Lines of code Vulnerability details Impact User can use more wrapped tokens than they own. Proof of Concept When wrapped tokens are used by an Adaptor or Primitive through computeOutputAmount, it does not check if the user has enough tokens. Therefore, when calling computeOutputAmount, you need t...
Upgraded Q -> 2 from #272 [1698254247989]
Judge has assessed an item in Issue 272 as 2 risk. The relevant finding follows: ERC1155 can be inflated if the token doesn’t revert on failed transfer --- The text was updated successfully, but these errors were encountered: All reactions...
Upgraded Q -> 2 from #854 [1697894788598]
Judge has assessed an item in Issue 854 as 2 risk. The relevant finding follows: Virtual Account cannot withdraw ERC1155 directly --- The text was updated successfully, but these errors were encountered: All reactions...
Delegation transfer might become temporarily unavailable due to input format in _delegateMulti
Lines of code Vulnerability details Impact A user might mint a valid delegation token to a target delegate which cannot be transferred to another target delegate through processDelegation due to delegateMulti's extension of address type of data into the space of uint256. Proof of Concept As...
Delegate balance in getBalanceForDelegate can be manipulated by delegate sending ERC1155 tokens to the contract directly
Lines of code Vulnerability details Impact The contract is an ERC1155 contract that can receive tokens from delegates which might affect core protocol invariants through getBalanceForDelegate Proof of Concept function getBalanceForDelegate address delegate internal view returns uint256 return...
_reimburse() bypasses 1155 accounting, allowing potential fund drainage.
Lines of code Vulnerability details Impact The reimburse function allows the caller to withdraw any remaining source delegate balance back to themselves. This bypasses the 1155 token balances and could let the caller drain funds. For example: The reimburse function allows the caller to withdraw a...
OpenZeppelin 's recent v5.0.0 release includes many changes to libraries/contracts that can directly affect ERC20MultiDelegate functionality
Lines of code Vulnerability details Impact OpenZeppelin just released v5.0.0, and there happen to be several significant changes that directly affect the ERC20MultiDelegate implementation, directly and indirectly, via packages used and inherited from. Here’s a link to the release: Below is a...
use higher version of openzeppelin library instead of vulnerible ones.
Lines of code Vulnerability details Impact the Op lib has some dangerous vulnerabilities in lower versions especially when you work with ERC1155 Openzeppelin already says the lower versions are vulnerable. Affected versions = 4.2.0 Tools Used vs code Recommended Mitigation Steps upgrade versions ...
VirtualAccount.sol CONTRACT DOES NOT CORRECTLY IMPLEMENT THE eip1155 STANDARD WHILE INHERITING THE ERC1155Receiver
Lines of code Vulnerability details Impact The VirtualAccount.sol contract inherits the ERC1155Receiver contract to receive the ERC1155 tokens. Both onERC1155Received and onERC1155BatchReceived functions are declared in the VirtualAccount contract as per the eip1155 standard. The respective ERC11...
create function will DoS with ERC1155s.
Lines of code Vulnerability details Impact ERC1155 tokens can never be used. Proof of Concept If we look at the create function in the delegateToken contract we can see the line : TransferHelpers.checkAndPullByTypeerc1155PullAuthorization, delegateInfo; this line calls the...
checkERC1155BeforePull Function in DelegateTokenTransferHelpers
Lines of code Vulnerability details Description The checkERC1155BeforePull function in Contract XYZ has a potential issue where it reverts if pullAmount is equal to 0, which might not always be the desired behavior for ERC1155 tokens. Issue Details Context In DelegateTokenTransferHelpers.sol, the...
Protocol will fail for ERC1155 tokens
Lines of code Vulnerability details Issue DelegateTokenTransferHelpers::checkERC1155BeforePull and DelegateTokenTransferHelpers::pullERC1155AfterCheck perform "set and check" operations on erc1155Pulled.flag which will always revert. In the first function, the value of erc1155Pulled.flag is set t...
Lack of ERC1155 Token Balance Check in flashloan Smart Contract Function
Lines of code Vulnerability details Description: : The flashloan function in the code you provided does not check if the amount of ERC1155 tokens being flashed is available. This could lead to a situation where the function fails to complete because the caller does not have enough ERC1155 tokens ...
User cannot withdraw their ERC1155 tokens.
Lines of code Vulnerability details Impact In the NFTBoostVault.sol contract, users can only withdraw their ERC1155 if utilized when they are withdrawing all their tokens at once. this can lead to loss of funds for the users who decide to withdraw their locked tokens in bits. Proof of Concept Whe...
Upgraded Q -> 2 from #23 [1686021624118]
Judge has assessed an item in Issue 23 as 2 risk. The relevant finding follows: rageQuit cannot transfer ERC1155 fungible tokens --- The text was updated successfully, but these errors were encountered: All reactions...
Upgraded Q -> 2 from #250 [1676238274782]
Judge has assessed an item in Issue 250 as 2 risk. The relevant finding follows: Then, the logic presumably tries to keep a lookup table between token id - index using the ownedTokensIndex variable which is of type mappinguint256 = uint256 . This is also wrong, since ERC1155 tokens can have...
Upgraded Q -> 2 from #670 [1675726386915]
Judge has assessed an item in Issue 670 as 2 risk. The relevant finding follows: L-03 DoS if address owns too many receipts With time it is viable for users to acquire thousands and tens of thousands of receipts. This may happen as a result of buying receipts for example, which was highlighted as...