64 matches found
No zero address check in PrimeLiquidityProvider.sol:sweepTokens
Lines of code Vulnerability details Impact Possible loss of funds due to sending them to the address0, the developer's assumption is that safeTransfer is checking for to not being the address0. In reality, it doesn’t implement such a check and we can see from the implementation of the function:...
BORROWERS CAN AVOID LIQUIDATIONS, IF ERC777 TOKEN IS CONFIGURED AS AN emissionToken
Lines of code Vulnerability details Impact If a borrower is undercollateralized then he can be liquidated by a liquidator by calling the MErc20.liquidateBorrow function. liquidateBorrow function calls the MToken.liquidateBorrowFresh in its execution process. Inside the liquidateBorrowFresh functi...
Owner unable to withdraw the amount since depositDeadline values already expired
Lines of code Vulnerability details Impact The stakermsg.sender lose his amount permanently once depositDeadline is over Proof of Concept DEPOSIT : function deposituint256 amount external override onlyOwner // slither-disable-next-line timestamp if block.timestamp depositDeadline revert...
Solmate safeTransfer and safeTansferFrom does not check the code size of the token address
Lines of code Vulnerability details Impact The safeTransfer and safeTransferFrom don't check the existence of code at the token address. This is a known issue while using solmate's libraries. Hence this may lead to miscalculation of funds and may lead to loss of funds, because if safeTransfer and...
Solmate safetransfer and safetransferfrom does not check the codesize of the token address, which may lead to fund loss
Lines of code Vulnerability details Impact Possible miscalculation and loss of funds. Proof of Concept In AstariaRouter.commitToLiens, the safetransfer and safetransferfrom doesn’t check the existence of code at the token address. This is a known issue while using solmate’s libraries.Hence this m...
Use safeTransefer and safeTransferfrom
Lines of code Vulnerability details Impact and Recommended Mitigation Steps CErc20.sol Transfers are not safe because there is no checking whether the return value is true/false without use of Openzeppelins safeTransfer/safeTransferFrom. Should use the...
safeTransfer should be used instead of transferFrom in winnerClaimNFT
Lines of code Vulnerability details Impact The winner of the raffle may be a smart contract which doesn't handle NFTs, thus leaving the NFT irretrievably lost instead of being awarded to an address which can handle NFTs. Additionally, the NFT should be in the VRFNFTRandomDraw contract at the time...
Re-entrancy issue when executing safeTransfer in sweepToken function
Lines of code Vulnerability details Impact In the sweepToken function, we don't have a re-Entrancy check which will introduce the token lost by calling sweepToken multiple times during one request. Proof of Concept We don't have any check for the token and the token itself may call back into the...
Solmate saftransfer and safetransferfrom does not check the codesize of the token address, which may lead to fund loss
Lines of code Vulnerability details In PirexGmx.sol and ERC4626Vault.sol, the contract uses the solmate library which does not check the existence of code at the token address. This is a known issue when using solmate's libraries. Reference: Impact Possible loss of funds and miscalculation. Proof...
Solmate's safeTransfer function does not check the existence of the contract
Lines of code Vulnerability details Impact Miscalculation of transferred funds and finally, loss of funds Proof of Concept Solmate's safeTransfer and safeTransferFrom functions do not check the ext code size of the address of the recipient and so, it may lead to a miscalculation of funds as it...
[NAZ-M3] Use safeTransfer()/safeTransferFrom() instead of transfer()/transferFrom()
Lines of code Vulnerability details Impact It is a good idea to add a require statement that checks the return value of ERC20 token transfers or to use something like OpenZeppelin’s safeTransfer/safeTransferFrom unless one is sure the given token reverts in case of a failure. Failure to do so wil...
[M3] It is impossible to recover stucked non complying ERC-20 tokens
Lines of code Vulnerability details Impact Contract frxETHMinter is unable to recover tokens like USDT PoC Tokens that return void on transfer, that is, those who do not follow ERC20 standard will revert when you try to assign the output to a boolean variable. This is the case in you function...
Use safetransfer/safetransferFrom instead of transfer/transferFrom in ERC20
Lines of code Vulnerability details Impact Its a good to checks the return value of token transfer using safetransfer or safetransferFrom on Openzeppelin to ensure the token revert when transfer failure. Failure to do so will cause silent failures of transfer and affect token accountng in contrac...
Unsafe ERC721 operations
Lines of code Vulnerability details Impact It is recommended to use safeTransfer and safeTransferFrom when transferring ERC721 and ERC20 token Tools Used Manual audit Recommended Mitigation Steps Use the safeTransfer and safeTransferFrom functions to transfer ERC721 and ERC20 tokens --- The text...
Use safeTransfer to send ERC721 tokens
Lines of code Vulnerability details Impact Winner of the auction can lose his NFT Proof of Concept When you settle and auction you transfer the NFT using transferFrom token.transferFromaddressthis, auction.highestBidder, auction.tokenId; Maybe this is just an intended behaviour and is the...
State variables written after the call
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. The external function burn updates state variables balance0 and balance1 after safeTransfer has been called. This could potentially be exploited as an attacker could call the burn function multiple time...
Unsafe usage of ERC20 transfer and transferFrom
Lines of code Vulnerability details Impact Some ERC20 tokens functions don't return a boolean, for example USDT, BNB, OMG. So the VotingEscrow contract simply won't work with tokens like that as the token. Proof of Concept The USDT's transfer and transferFrom functions doesn't return a bool, so t...
Some tokens may break VotingScrow contract in transfer and transferFrom functions
Lines of code Vulnerability details Vulnerability details Some ERC20 tokens such as USDT don't return boolean values from transfer and transferFrom methods. The require checks will therefore revert causing the functions to be unusable. Impact This would prevent withdraw and createLock functions t...
Fake orders can be created for non existant tokens
Lines of code Vulnerability details Impact NFT's can be stolen by an attacker Proof of Concept The putty contract is using the solmate safeTransfer instead of OpenZeppelin's so contract existence isn't being checked for transferred tokens. In the putty case, contract existance is checked for the...
Upgraded Q -> M from 104 [1654443194486]
Judge has assessed an item in Issue 104 as Medium risk. The relevant finding follows: transfer return value of a general ERC20 is ignored Need to use safeTransfer instead of transfer. As there are popular tokens, such as USDT that transfer/trasnferFrom method doesn’t return anything. The transfer...