
9 matches found

Code423n4
added 2023/06/14 12:0 a.m., 8 views

NATIVE TOKENS COULD GET STUCK INSIDE THE LlamaCore CONTRACT SINCE THERE IS NO WITHDRAWAL MECHANISM

Lines of code Vulnerability details Impact The LlamaCore contract has a single payable function LlamaCore.executeAction. It is used to execute actions by calling the executor.execute function. But the native token received by this contract is passed on to the executor.execute function call. Only...

AI score: 7
Exploits: 0

Code423n4
added 2023/06/14 12:0 a.m., 7 views

NATIVE TOKENS TRANSFERRED TO THE LlamaAccount CONTRACT CAN GET STUCK

Lines of code Vulnerability details Impact In the LlamaAccount contract there is a payable receive to receive native tokens as shown below: receive external payable Hence this contract accepts native tokens sent to this. But the problem is if any amount of native token is sent to this contract via...

AI score: 6.9
Exploits: 0

Code423n4
added 2023/06/14 12:0 a.m., 9 views

LlamaExecutor#execute is not payable

Lines of code Vulnerability details Impact Since the execute function in LlamaExecutor.sol is not payable, nor the contract has the ability to receive ether, any action that requires sending ETH will eventually fail. Proof of Concept Tools Used Manual review Recommended Mitigation Steps One of th...

AI score: 7.1
Exploits: 0

Code423n4
added 2023/06/14 12:0 a.m., 9 views

Success value and msg.value not checked in llamaExecutor.sol

Lines of code Vulnerability details Impact Success value not checked. Result can fail silently. Msg.value can be lost. Proof of Concept Function execute does not check the validity of success. If execute is called and msg.value is greater than value, then excess msg.value will be stuck in...

AI score: 7.1
Exploits: 0

Code423n4
added 2023/06/14 12:0 a.m., 11 views

Execution does not work if the action has a non-zero value

Lines of code Vulnerability details Llama instances have a separate LlamaExecutor contract for action execution. When calling LlamaCore.executeAction, the flow is the following (for simplicity, we ignore action guards): The function does internal validation: checking the current action state is...

AI score: 7.1
Exploits: 0

Code423n4
added 2023/06/14 12:0 a.m., 7 views

It is not possible to execute actions that require ETH (or other protocol token)

Lines of code Vulnerability details Details Actions can have value attached to them. That means when an action is being executed, a certain amount of ETH or other protocol token needs to be sent by the caller with the contract call. This is why LlamaCore.executeAction is a payable function...

AI score: 7
Exploits: 0

Code423n4
added 2023/06/14 12:0 a.m., 11 views

Executing a script action with non-zero value results in frozen funds

Lines of code Vulnerability details Llama instances have a separate LlamaExecutor contract for action execution. When calling LlamaCore.executeAction, the flow is the following (for simplicity, we ignore action guards): The function does internal validation: checking the current action state is...

AI score: 6.7
Exploits: 0

Code423n4
added 2023/06/13 12:0 a.m., 10 views

LlamaAccount.llamaExecutor may be changed for a malicious purpose and be return to the initial state.

Lines of code Vulnerability details Impact If the delegatecall changes llamaExecutor to a malicious contract, then onlyLlama modifier cannot protect the contract. After the exploit, it can return the llamaExecutor as before. Proof of Concept Update test/mock/MockExtension.sol as below. //...

AI score: 7
Exploits: 0

Code423n4
added 2023/06/13 12:0 a.m., 10 views

Unsafe delegatecall functionality can break core protocol functionality

Lines of code Vulnerability details Impact There are multiple contracts which include delegatecall functionality, including the execute function of the LlamaAccount contract and the execute function of the LlamaExecutor contract. The issue is that there are no controls, other than the standard role...

AI score: 7.4
Exploits: 0