Lucene search
K

20 matches found

Code423n4
Code423n4
added 2023/09/14 12:0 a.m.9 views

LiquidityPool inflation attack

Lines of code Vulnerability details Bug Description The LiquidityPool uses an algorithm that converts prices to shares through a linear relationship. For instance, if there are 10,000 assets and 100 shares, then holding 100 assets should yield 1 share. However, a situation arises when investor...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/09/14 12:0 a.m.7 views

Unchecked Input

Lines of code Vulnerability details Impact Attackers can get the auth badge due to unchecked input vulnerability at the LiquidityPool The wardmsg.sender badge gives the attacker the highest role in the entire Centrifuge ecosystem, allowing the attacker to steal funds and cause DOS. Proof of Conce...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/09/14 12:0 a.m.9 views

Assumptions are currently made that prices would forever be positive

Lines of code Vulnerability details Impact Neglecting the potential for negative asset prices can lead to inaccurate value representation in the Liquidity Pool, possibly affecting calculations related to assets and tokens. It's crucial to note that the value of an asset, even if negative in the...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/09/14 12:0 a.m.11 views

Signature malleability in permit function

Lines of code Vulnerability details Impact In the ERC20 contract used to define the interface for tranche tokens the permit function uses ecrecover to verify a signature submitted by the token owner to approve an address to spend its tranche tokens. However there is a well known issue related to...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/03/26 12:0 a.m.10 views

Upgraded Q -> 3 from #60 [1679803414194]

Judge has assessed an item in Issue 60 as 3 risk. The relevant finding follows: LiquidityPool.sol: The deposit queue processing in processDeposits reads the price of the liquidity token only once at the start of the loop so this means that some queued deposits may not incur price slippage dependi...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/03/20 12:0 a.m.9 views

The users will receive a wrong liquidity token amount because there is an error in the token price calculation in the LiquidityPool::processDeposits() function

Lines of code Vulnerability details Impact The processDeposits helps to process the users deposits that were queued in the queueDeposit function. The processDeposits function iterates multiple queued deposits and increases the totalFunds storage variable which is used to the accountability of the...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/03/20 12:0 a.m.11 views

LiquidityPool.executePerpOrders(): dangerous payable function

Lines of code Vulnerability details Impact The contract LiquidityPool use a dangerous payable function executePerpOrders In this function, users can send ETH mistakenly. We should check the msg.value is 0 or not to void this issue. Proof of Concept function executePerpOrdersbytes calldata...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/03/20 12:0 a.m.4 views

Hedging during liquidation is incorrect

Lines of code Vulnerability details Impact Hedging will not work as expected, and LiquidityPool will lose funds without expectation. Proof of concept 1. When a short position is liquidated in contract Exchange, function liquidate will be triggered. It will burn the power perp tokens and reduce th...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/03/20 12:0 a.m.13 views

LiquidityPool.sol#L657 : setFees() could be abused to steal the funds when there is huge transacion is happening.

Lines of code Vulnerability details Impact Set fee functions can be set to any arbitrary value when the transaction is happening. There are more possibility that user could lose most of all of their hard earned funds. Proof of Concept Below functions can be called by autheraised person to fix the...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/03/20 12:0 a.m.12 views

KangarooVault.initiateDeposit, KangarooVault.processDepositQueue, KangarooVault.initiateWithdrawal, and KangarooVault.processWithdrawalQueue functions do not use whenNotPaused modifier

Lines of code Vulnerability details Impact As shown by the code below, although PauseModifier is imported, the KangarooVault contract does not use the whenNotPaused modifier in any of its functions. More specifically, the KangarooVault.initiateDeposit, KangarooVault.processDepositQueue,...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/03/20 12:0 a.m.10 views

Missing totalFunds update in LiquidityPool's OpenShort(), causing LiquidityPool token holder to lose a portion of their token value

Lines of code Vulnerability details The function openShort in LiquidityPool.sol is missing an update to totalFunds, to increase LiquidityPool funds by the collected net fees. Impact As a result of the missing increment to totalFunds, the availableFunds in the LiquidityPool will be lower. This wil...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/03/20 12:0 a.m.11 views

usedFunds is wrong after Liquidity.closeLong, openShort and closeShort

Lines of code Vulnerability details Impact usedFunds is wrong in LiquidityPool, and usedFunds tracks spent quote tokens. usedFunds is an important state in LiquidityPool, so the impact will be high. Proof of Concept Liquidity.closeLong and openShort don't update the state usedFunds correctly. In...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2022/07/25 2:20 p.m.2 views

Malicious code in liquiditypool (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 801bd27dfd72c9946825d6be996a9ec76a9a14b2eb92ff1e5bebc346c76d6810 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2022/07/25 2:20 p.m.4 views

MAL-2022-4320 Malicious code in liquiditypool (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 801bd27dfd72c9946825d6be996a9ec76a9a14b2eb92ff1e5bebc346c76d6810 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Code423n4
Code423n4
added 2022/06/03 12:0 a.m.10 views

Users will lose all of their money during pool migration

Lines of code Vulnerability details Impact Users will lose all of their money when they migrate by calling PoolMigrationZap.migrate Proof of Concept File: protocol/contracts/zaps/PoolMigrationZap.sol 1 52 function migrateaddress oldPoolAddress public override 53 ILiquidityPool oldPool =...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/06/03 12:0 a.m.9 views

Deposit doesn't initialize WithdrawalMeta

Lines of code Vulnerability details Impact Though LiquidityPool.sol is not in scope, this is related to the PoolMigrationZap.migrate which performs deposits into new pools. The deposit functionality of LiquidityPool.sol does not set the withdrawalMeta for the depositor, meaning that their...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/05/12 12:0 a.m.13 views

missing input validation for _liquidityPool

189 comment Warden: kenta missing input validation for liquidityPool. The owner can change always liquidityPool but this liquidityPool will be used to execute low-level calls. To avoid errors with an empty address this must be checked always. requireliquidityPool != address0, “liquidityPool canno...

7.3AI score
Exploits0
Code423n4
Code423n4
added 2022/04/27 12:0 a.m.10 views

first depositor can drain other depositors

Lines of code Vulnerability details in deposit, when the ratio totalSupply / balance is very high, the amount of the minted shares can round down to zero. Proof of Concept Alice is the first one to deposit in LiquidityPool. she deposits 1 basic unit of the token, therefore minting one lp token...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/03/16 12:0 a.m.10 views

Possible frontrun on deposits on LiquidityPool

Lines of code Vulnerability details Impact Rewards are given to a user for depositing either ERC20 tokens or their native token into the LiquidityPool. This reward is used to incentivize users to deposit funds into the liquidity pool when the pool is not in an equilibrium state. For regular users...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/03/16 12:0 a.m.10 views

Sending tokens close to the maximum will fail and user will lose tokens

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept When a user calls the deposit function the reward amount is calculated and an event is emited with amount+reward as the transfer amount. The function checks amount is smaller than the m...

6.8AI score
Exploits0
Rows per page
Query Builder