Unsafe use of transfer()/transferFrom() with IERC20

Lines of code 377, 509, 491, 530, 42, 50 Vulnerability details Some tokens do not implement the ERC20 standard properly but are still accepted by most code that accepts ERC20 tokens. For example Tether USDT's transfer and transferFrom functions on L1 do not return booleans as the specification...

Unsafe use of transfer()/transferFrom() with IERC20

Lines of code 377, 509, 491, 530, 42, 50 Vulnerability details Some tokens do not implement the ERC20 standard properly but are still accepted by most code that accepts ERC20 tokens. For example Tether USDT's transfer and transferFrom functions on L1 do not return booleans as the specification...

Unsafe use of transfer()/transferFrom() with IERC20

Lines of code 377, 509, 491, 530, 42, 50 Vulnerability details Some tokens do not implement the ERC20 standard properly but are still accepted by most code that accepts ERC20 tokens. For example Tether USDT's transfer and transferFrom functions on L1 do not return booleans as the specification...

Unsafe use of transfer()/transferFrom() with IERC20

Lines of code 377, 509, 491, 530, 42, 50 Vulnerability details Impact Some tokens do not implement the ERC20 standard properly but are still accepted by most code that accepts ERC20 tokens. For example Tether USDT's transfer and transferFrom functions on L1 do not return booleans as the...

[ADRIRO-NEW-M-03] Safe approval could lead to a denial of service in VotiumStrategy

Lines of code Vulnerability details Summary The introduction of the SafeERC20 wrapper may lead to an accidental denial of service due to how the safeApprove function works internally. Impact The updated codebase uses the SafeERC20 wrapper provided by the OpenZeppelin contracts library to handle...

https://github.com/code-423n4/2023-09-centrifuge/blob/main/src/InvestmentManager.sol#L467-L480

Lines of code Vulnerability details Impact In this function InvestmentManager.deposit, the require statement calls the lPool.transferFrom function with an arbitrary from address. This means that the attacker can control who the tokens are transferred from. Proof of Concept Tools Used manuel revie...

UNCHECKED TRANSFER

Lines of code Vulnerability details Impact Some tokens do not revert the transaction when transferFrom fails and returns False. Hence we must check the return value after calling the transfer or transferFrom function. Proof of Concept Check the last answer here: In short: Using...

Reentrancy vulnerability in USDO.flashLoan() function

Lines of code Vulnerability details Impact The reentrancy vulnerability in the USDO contract could allow an attacker to withdraw funds from the contract even if the original contract has not yet approved the withdrawal. This could result in a loss of funds for the USDO contract and its users. Pro...

## [M-07] ERC20 return values not checked

Lines of code Vulnerability details Impact Tokens that don’t actually perform the transfer and return false are still counted as a correct transfer and the tokens remain in the SingleNativeTokenExitV2 contract and could potentially be stolen by someone else. Proof of Concept The ERC20.transfer an...

Unchecked Call Return Value of ERC20 Functions

Lines of code Vulnerability details Impact The return value of 'transfer' and 'transferFrom' should be verified since these two functions may only return false but not cause execution reverted once fail. If not properly handled, it might incur asset losses to users and the project party. Tools Us...

In MulticallRootRouter.sol, approve function can fail for non standard ERC20 tokens like USDT

Lines of code Vulnerability details Impact Some tokens like USDT do not work when changing the allowance from an existing non-zero allowance value. For example Tether USDT’s approve function will revert if the current approval is not zero, to protect against front-running changes of approvals. Li...

The return value of an external transfer call is not checked on the function uniswapV3SwapCallback in the contract named JBXBuybackDelegate

Lines of code Vulnerability details Impact Several tokens do not revert in case of failure and return false. If one of these tokens is used in MyBank, deposit will not revert if the transfer fails, and an attacker can call deposit for free...

Attacker can drain the token from the user's account

Lines of code Vulnerability details Vulnerability details Impact There is a potential vulnerability if the increaseLPAllowance function is not implemented safely and allows for arbitrary increases to the token allowance. File: ajna-core/src/PositionManager.sol pool.increaseLPAllowanceowner,...

Position created with BNB as collateral will result in locked collateral

Lines of code Vulnerability details withdrawCollateral allows position owners to withdraw collateral from the position - as long as it is still collateralized afterwards. File: Position.sol 263: function withdrawCollateraladdress target, uint256 amount public onlyOwner noChallenge noCooldown 264:...

can open a position without any collateral in MintingHub.sol

Lines of code Vulnerability details Impact openPosition... function in MintingHub.sol ignores return value by challenge.position.collateral.transferFrom Several tokens do not revert in case of failure and return false. The require still pass but then, if the token used as collateral return false,...

Unsafe safeTransfer function

Lines of code Vulnerability details Impact The safeTransfer function of the SafeERC20.sol contract check that the target is actually a contract before calling it, this is to avoid calls to address with no code that will always return succes = true. For exemple if you use token.safeTransfer and...

Incorrect validation of the result of the transfer * transferFrom method call. Failure to comply with the ERC20 standard

Lines of code Vulnerability details Impact Inability to use ERC20 standard tokens. As an example of the future LP token Proof of Concept According to the ERC-20 standard, the transfer and transferFrom methods return true or false, but looking at the code we see that:...

Use safeTransferFrom and safeApprove foe the reward tokens in Vault Controller instead of transferFrom and approve functions

Lines of code Vulnerability details Impact In 3 functions return values of ERC20 contracts either approve or transferFrom are not checked : fundStakingRewards ; addStakingRewardsTokens and handleInitialDeposit. This is especially dangerous in the addStakingRewardsTokens function, because in this...

Solmate's ERC20 does not check for token contract's existence

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Not checking for token existence is a know issue for Solmate. This can cause unexpected contract functionality for transfers implemented in the codes. Proof of Concept Provide direct links to all...

Upgraded Q -> M from #163 [1671458931869]

Judge has assessed an item in Issue 163 as M risk. The relevant finding follows: TOKEN TRANSFERS DO NOT VERIFY THAT THE TOKENS WERE SUCCESSFULLY TRANSFERRED Some tokens like zrx do not revert the transaction when the transfer/transferfrom fails and return false, which requires us to check the...