Lucene search
K

164 matches found

Code423n4
Code423n4
added 2023/10/26 12:0 a.m.8 views

An underflow occurred during the token transfer.

Lines of code Vulnerability details Impact An underflow can occur during a token transfer when there is insufficient allowance. Proof of Concept function transferFrom address from, address to, uint256 amount external virtual nonReentrant returns bool uint256 allowed = allowancefrommsg.sender; //...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/10/25 12:0 a.m.14 views

repayAllDebt joins system tokens to the proxy not to the Safe contract

Lines of code Vulnerability details Impact repayAllDebt now calls joinSystemCoins with dest = addressthis, which in case a proxy makes a delegated call to this function will cause the user's tokens to be transferred to its proxy, then in CoinJoin.join it will transfer internal coins from CoinJoin...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/10/11 12:0 a.m.7 views

No check proxy contract is deployed

Lines of code Vulnerability details The deployProxyDelegatorIfNeeded function in ERC20MultiDelegate.sol does not verify that a proxy contract has been successfully deployed before emitting an event indicating its creation. Impact Both createProxyDelegatorAndTransfer and processDelegation function...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/10/11 12:0 a.m.11 views

Loss of tokens because target address can be set to zero

Lines of code Vulnerability details Impact Due to the possibility of target addresses being zero, tokens transferred to zero address will be lost forever, leading to loss of funds for the users of the protocol and that tokens being out of circulation forever burned. Proof of Concept Users can...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2023/10/11 12:0 a.m.7 views

Approval Verification

Lines of code Vulnerability details Impact There is a great need for approval check before commencement of token transfer and clearing of excess approvals after token transfer has been done, to prevent potential third-party exploitation that could drain funds from unsuspecting users via the...

7.2AI score
Exploits0
Code423n4
Code423n4
added 2023/10/11 12:0 a.m.5 views

Tokens could be stolen by specifying an unauthorized address.

Lines of code Vulnerability details Impact transferBetweenDelegators transfers tokens between proxy contract addresses without any validation. Tokens could be stolen by specifying an unauthorized address. Proof of Concept The issue with transferBetweenDelegators occurs here as we can see: functio...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2023/10/11 12:0 a.m.6 views

The delegator process occurs even if the source and target have the same address.

Lines of code Vulnerability details Impact The ERC20MultiDelegate contract allows a ENS token holder to either: Case1: Transfer tokens from sources to targets to delegate votes, OR Case2: Get reimbursed from sources and burn their votes OR Case3: Deploy a proxy delegate contract to transfer token...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/10/04 12:0 a.m.8 views

accrueTokens() may truncate user accrual amounts unfairly

Lines of code Vulnerability details Impact High, as this could result in users not receiving rewards they have earned. Any truncation or unfair distribution can erode trust in the protocol, leading to potential dissatisfaction among users and participants. Proof of Concept Take a look at...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/09/14 12:0 a.m.12 views

The maxMint check should be cumulatively applied to ensure it's effectiveness

Lines of code Vulnerability details Impact Circumvention of the maximum minting restriction, since all a receiver need to do is not specify the whole amount of tokens in one attempt and then claim more than the maximum amount Proof of Concept Take a look at LiquidityPool.solL145-L157 /// @notice...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/09/14 12:0 a.m.5 views

Expired members can lose their tranche tokens if they call transferTrancheTokensToCentrifuge or transferTrancheTokensToEVM in PoolManager.sol

Lines of code Vulnerability details Impact User can call transferTrancheTokensToCentrifuge or transferTrancheTokensToEVM to transfer their tranche tokens to other chains, but no verifying is done to see if they are expired members or not on the source chain, which can cause loss of funds for some...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/09/14 12:0 a.m.6 views

lack of failsafe mechanism to replay the failed transaction between source chain and destination chain. This would lead to loss of funds to user when transaction is failed.

Lines of code Vulnerability details Impact When the transaction fails in any of chain source or destination, it never be replayed. This would lead to loss of assets if the the transaction is target for token transfer. Similarly other issue can happen. Proof of Concept Centrifuge used the cross...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/09/14 12:0 a.m.9 views

Unchecked Minting

Lines of code Vulnerability details Impact There is a possibility, an attacker can force minting of tokens to self or any other diluting the token value and stealing funds in the process Proof of Concept Here is a step-by-step process The attacker calls the transferFrom function with msg.data...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/09/11 12:0 a.m.5 views

Unchecked token transfer

Lines of code Vulnerability details Impact Unchecked token transfer Proof of Concept Since the contract will work with many different ERC721 tokens, and not all of them are based, for instance, on the OZ ERC721 token contract. And some tokens can return False instead of reverting a transaction in...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/09/11 12:0 a.m.5 views

Protocols does not work with fee-on-transfer ERC20 tokens

Lines of code Vulnerability details Impact The protocol does not work with fee-on-transfer ERC20 tokens. When this type of token is escrowed, the amount is sent to the DelegateToken contract. After that the underlying amount delegateInfo.amount is stored in the...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/09/07 12:0 a.m.11 views

UniswapV3 trading fees are always locked in treasury instead of going back to the protocol users through GeVault

Lines of code Vulnerability details TokenisableRange was redesigned to redirect collected fees to a pre-defined GeVault, where the protocol stakers can benefit from the added value. However, the use of an incorrect variable makes this distribution of the fees impossible to happen, and the fees wi...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/09/07 12:0 a.m.6 views

Loss of token if a smart contract perform a cross-chain transfer using source bridge

Lines of code Vulnerability details Impact Loss of a token ownership if a smart contract perform a cross-chain transfer using source bridge Proof of Concept When a caller call burnAndCallAxelar, the token is burnt on source chain and the payload is encoded in this way: bytes memory payload =...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/08/07 12:0 a.m.13 views

UNCHECKED TRANSFER

Lines of code Vulnerability details Impact Some tokens do not revert the transaction when transferFrom fails and returns False. Hence we must check the return value after calling the transfer or transferFrom function. Proof of Concept Check the last answer here: In short: Using...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2023/08/07 12:0 a.m.10 views

Inflation attacks with virtual shares and assets on GeVault

Lines of code Vulnerability details Impact An inflation attacks can be done on the first deposit into the GeVault contract. Making the first real depositor losing his deposit. Proof of Concept Inflation attack steps : First, Alice the attacker need to craft a deposit that put valueX8 = 1 = Thus...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/07/28 12:0 a.m.11 views

[MEDIUM] ARCDVestingVault#deposit and NFTBoostVault#_lockTokens- Unsafe transferFrom function is not properly invoked

Lines of code Vulnerability details Impact The use of transferFrom in the ARCDVestingVaultdeposit and NFTBoostVaultlockTokens functions presents a risk of erroneous token transfers. The transferFrom function doesn't perform necessary validations e.g. validate the returned bool in case of failure,...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2023/07/28 12:0 a.m.9 views

treasury approveSmallSpending, approveMediumSpend and approveLargeSpend and setThreshold and setGSCAllowance can be frontrunned

Lines of code Vulnerability details Line of code: Impact treasury approveSmallSpending, approveMediumSpend and approveLargeSpend can be frontrunned Proof of Concept the AracheTreasury, there are three spending relate function: approveSmallSpend, approveMediumSpend, approveLargeSpend both of these...

6.7AI score
Exploits0
Rows per page
Query Builder