
13 matches found

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2021-2459

Malware in sbrugna...

CVSS 6.5, AI score 6.4, EPSS 0.00154
Exploits 1, References 9
Packet Storm News
added 2025/10/06 12:0 a.m., 4 views

PoS-CoPOR: Proof-Of-Stake Consensus Protocol with Native Onion Routing Providing Scalability and DoS-Resistance

Proof-of-Stake (PoS) consensus protocols often face a trade-off between performance and security. Protocols that pre-elect leaders for subsequent rounds are vulnerable to Denial-of-Service (DoS) attacks, which can disrupt the network and compromise liveness. In this work, we present PoS-CoPOR, a...

AI score 6.8
Exploits 0
Packet Storm News
added 2025/06/22 12:0 a.m., 3 views

SoK: Current State of Ethereum's Enshrined Proposer Builder Separation

Initially introduced to Ethereum via Flashbots' MEV-boost, Proposer-Builder Separation allows proposers to auction off blockspace to a market of transaction orderers, known as builders. PBS is currently available to validators through the aforementioned MEV-boost, but its unregulated and...

AI score 6.9
Exploits 0
RedhatCVE
added 2025/02/06 12:0 a.m., 5 views

CVE-2022-29219

Lodestar is a TypeScript implementation of the Ethereum Consensus specification. Prior to version 0.36.0, there is a possible consensus split given maliciously-crafted AttesterSlashing or ProposerSlashing being included on-chain. Because the developers represent uint64 values as native javascript...

CVSS 7.5, AI score 6.6, EPSS 0.0042
Exploits 0, References 1
OSV
added 2024/05/10 9:39 p.m., 7 views

GO-2024-2638 ValidateVoteExtensions function in Cosmos SDK may allow incorrect voting power assumptions in github.com/cosmos/cosmos-sdk

The default ValidateVoteExtensions helper function infers total voting power based on the injected VoteExtension, which are injected by the proposer. If your chain utilizes the ValidateVoteExtensions helper in ProcessProposal, a dishonest proposer can potentially mutate voting power of each...

AI score 7
Exploits 0, References 3
Code423n4
added 2022/12/18 12:0 a.m., 7 views

OptimisticListingSeaport.propose sets pendingBalances of newly added proposer instead of previous one

Lines of code. Vulnerability details. Impact: In OptimisticListingSeaport.propose, pendingBalances is set to the collateral. The purpose of this is that the proposer of a previous proposal can withdraw his collateral afterwards. However, this is done on the storage variable proposedListing after the...

AI score 6.8
Exploits 0
Code423n4
added 2022/09/15 12:0 a.m., 10 views

NFT flashloan against governance voting

Lines of code. Vulnerability details. Impact: Specifically, to support a proposal, the voting power is counted at the time of the proposal creation time. However, there are multiple services that support NFT flashloan, e.g., NFTuloan. Since the voting power is counted as the proposal creation time,...

AI score 6.9
Exploits 0
Code423n4
added 2022/06/17 12:0 a.m., 9 views

DOS on operation execution

Lines of code. Vulnerability details. Impact: A malicious proposer can keep on cancelling all pending operations so that none of the transactions get executed. Admin also has no way to remove the malicious proposer. Proof of Concept: 1. Proposer A calls schedule function to schedule an operation 2...

AI score 6.8
Exploits 0
CNNVD
added 2022/05/24 12:0 a.m., 2 views

Lodestar Input Validation Error Vulnerability

Lodestar is a TypeScript implementation of Ethernet consensus. Versions of Lodestar prior to 0.36.0 suffer from an input validation error vulnerability that stems from the inclusion of maliciously crafted AttesterSlashing or ProposerSlashing on the chain, which may have a consensus split...

CVSS 7.5, AI score 7.3, EPSS 0.0042
Exploits 0, References 4
OSV
added 2021/12/20 6:17 p.m., 10 views

GHSA-6JQJ-F58P-MRW3 Denial of Service in TenderMint

Description: Denial of Service. Tendermint 0.33.0 and above allow block proposers to include signatures for the wrong block. This may happen naturally if you start a network, have it run for some time and restart it without changing the chainID. It is a misconfiguration to reuse chainIDs. Correct...

CVSS 6.5, AI score 6.5, EPSS 0.00154
Exploits 1, References 8
Code423n4
added 2021/09/22 12:0 a.m., 5 views

Front running basket Creation

Handle: goatbug. Vulnerability details. Impact: Anyone can front run and create your basket, circumventing paying any initial fees. Proof of Concept: Once proposeBasketLicense is called, anyone can subsequently call createBasket using that ID. Factory contract. By calling it first you will avoid paying...

AI score 6.9
Exploits 0
NVD
added 2021/08/27 12:15 a.m., 11 views

CVE-2021-39167

OpenZeppelin is a library for smart contract development. In affected versions a vulnerability in TimelockController allowed an actor with the executor role to escalate privileges. Further details about the vulnerability will be disclosed at a later date. As a workaround revoke the executor role...

CVSS 10, EPSS 0.00443
Exploits 0, References 3
Prion
added 2021/08/27 12:15 a.m., 14 views

Code injection

OpenZeppelin is a library for smart contract development. In affected versions a vulnerability in TimelockController allowed an actor with the executor role to escalate privileges. Further details about the vulnerability will be disclosed at a later date. As a workaround revoke the executor role...

CVSS 7.5, AI score 9.5, EPSS 0.00443
Exploits 0, References 3, Affected Software 1