10 matches found
Upgraded Q -> 3 from #534 [1702060375162]
Judge has assessed an item in Issue 534 as 3 risk. The relevant finding follows: L-03 Consider use stETH/UDS oracle Issue Description: The sponsor has confirmed their choice of Chainlink as an oracle to fetch prices. Since all other LST price feeds are 18 decimal places, they will most likely use...
Exploiter can avoid negative Lido rebases stealing funds from EUSD vaults
Lines of code Vulnerability details Description Lybra keeps the exact amount of collateral as deposited ignoring any lido rebases. That allows malicious users to sandwich negative rebase transactions with depositing and withdrawing their stETH saving the exact amount as before negative rebase. Th...
Using msg.value instead of sharesAmount while depositing Ether through Lido can lead to a loss of funds as stETH is not pegged to ETH with 1:1 ratio
Lines of code Vulnerability details Impact In case stETH is not pegged to ETH with 1:1 ratio, the LybraStETHVault.sol will still store all deposits in ETH value after converting to stETH. Also, the emitted event does not return the received stETH amount sharesAmount, but msg.value twice. This mig...
Mitigation Confirmed for H-06
MITIGATION IS NOT CONFIRMED MITIGATION IS NOT CONFIRMED Mitigation of H-06: Issue not mitigated Link to Issue: code-423n4/2023-03-asymmetry-findings588 Comments Issue H-06 describes the potential problems of assuming a peg of stETH to ETH. The sponsor proposed a mitigation to fetch the price of...
Mitigation Confirmed for H-06
Fix looks good. Root issue was assume 1:1 peg for stETH. This has been fixed by getting true price of stETH from chainlink oracle. --- The text was updated successfully, but these errors were encountered: All reactions...
Mitigation Confirmed for NEW
Note: Issue has not actually been resolved but for some reason I can't get my issues to submit without "Mitigation confirmed no new vulnerabilities detected" checked so I am doing this as a work around Severity Medium Lines of code Impact Contract still assumes 1:1 peg for stETH in WstETHwithdraw...
Mitigation of M-05: Issue not mitigated, mitigation errors
MITIGATION IS NOT CONFIRMED MITIGATION IS NOT CONFIRMED Mitigation of M-05: Issue not mitigated, mitigation errors Link to Issue: code-423n4/2023-03-asymmetry-findings812 Comments The issue describes missing checks associated with staking requirements for the WstEth and Reth derivative. The...
Mitigation Confirmed for Mitigation of H-06: Issue mitigated with error
Mitigated issue H-06: WstEth derivative assumes a 1=1 peg of stETH to ETH. The issue was that WstEth.withdraw and WstEth.ethPerDerivative assume a perfect peg between stETH and ETH, which may cause the slippage to be inaccurately evaluated. Mitigation review The issue has been mitigated by using...
Assuming a 1-1 peg of Liquid Staked Tokens like stETH and rETH to ETH is dangerous
Lines of code Vulnerability details Impact The price of ETH staking derivatives may not be pegged 1-1 to ETH which affect staking conditions. Proof of Concept To stake eth, a user calls depositBeaconChainETH. The amount parameter is passed into the addShares function. In addShares, the amount...
hard-coded slippage may freeze user funds during market turbulence
Lines of code Vulnerability details Impact GeneralVault.solL125 GeneralVault set a hardcoded slippage control of 99%. However, the underlying yield tokens price may go down. If Luna/UST things happen again, users' funds may get locked. LidoVault.solL130-L137 Moreover, the withdrawal of the...