24 matches found
Fee-on-transfer/rebasing tokens will have problems when swapping
Lines of code 110 Vulnerability details Uniswap v3 does not support rebasing or fee-on-transfer tokens so using these tokens with it will result funds getting stuck. With fee-on-transfer tokens, if the balance isn't checked, the wrong amount may be transferred out. With rebasing tokens, the...
Creator can earn holder fee
Lines of code Vulnerability details Impact Creator can earn creator and holder as well. Proof of Concept In market.sol contract there is a buy function which cannot be used by creator of share. requireshareDataid.creator != msg.sender, "Creator cannot buy"; However, it's still possible for creato...
No token whitelist leaves rageQuit() vulnerable to malicious ERC20 token contracts
Lines of code Vulnerability details A malicious actor can exploit the PartyGovernanceNFT.sol::rageQuit function by specifying a malicious IERC20 contract in the withdrawTokens array. The malicious contract could "donate" tokens to the proxy contract to pass the balance check here and when the...
the swapFrom() function allows the Fee On Transfer tokens and _setReserves doesn't revert
Lines of code Vulnerability details Impact the protocol supports the fee on transfer tokens and has implemented a special capable function for it and wants to not allow and revert the fee on transfer tokens in normal SwapFrom function as it says in comments of swapfrom function @dev MUST revert i...
Upgraded Q -> 2 from #92 [1677633054022]
Judge has assessed an item in Issue 92 as 2 risk. The relevant finding follows: L-09 ERC4626 does not work with fee-on-transfer tokens Description The ERC4626 deposit/mint functions do not work well with fee-on-transfer tokens as the assets variable is the pre-fee amount, including the fee, where...
Upgraded Q -> M from #366 [1670366212013]
Judge has assessed an item in Issue 366 as M risk. The relevant finding follows: 1. Not support fee-on-transfer tokens Every tokens of credit line will be transferred from lender to LineOfCredit first, then to borrower later. These 2-transfer steps will make the tax for some fee-on-transfer token...
Any use of fee-on-transfer tokens as quote tokens in auctions will result in freeze or loss of funds for users.
Lines of code Vulnerability details Description SIZE auctions do not support fee-on-transfer tokens. The platform rejects taxed baseToken during createAuction: // Passes https://github.com/transmissions11/solmate/blob/main/src/utils/SafeTransferLib.solL9 // Transfer base tokens to auction contrac...
_handleExecuteTransaction may not working correctly on fee-on-transfer tokens. Moreover, if it is failed, fund may be locked forever.
Lines of code Vulnerability details Impact handleExecuteTransaction may not working correctly on fee-on-transfer tokens. As duplicated fee is applied to fee on transfer token when executing a arbitrary call message passing request. Moreover, the Executor contract increase allowance on that token...
Fee-on-transfer support
Lines of code Vulnerability details Impact Every time transferFrom or transfer function in ERC20 standard is called there is a possibility that underlying smart contract did not transfer the exact amount entered. It is required to find out contract balance increase/decrease after the transfer to...
Bribe.sol is not meant to handle fee-on-transfer tokens
Lines of code Vulnerability details Impact Should a fee-on-transfer token be added as a reward token and deposited, the tokens will be locked in the Bribe contract. Voters will be unable to withdraw their rewards. Proof of Concept Tokens are deposited into the Bribe contract using...
ExtraRewardsDistributor deposits don’t work with fee-on transfer tokens
Lines of code Vulnerability details Impact There are ERC20 tokens that may make certain customizations to their ERC20 contracts. One type of these tokens is deflationary tokens that charge a certain fee for every safetransfer or safetransferFrom . Proof of Concept The ExtraRewardsDistributor’s...
Users may lose rewards to other users if rewards are given as fee-on-transfer tokens
Lines of code Vulnerability details Impact If rewards are given in fee-on-transfer tokens, users may get no rewards, breaking functionality Med: Assets not at direct risk, but the function of the protocol or its availability could be impacted, or :::leak value with a hypothetical attack path with...
Pools and trees may be underfunded for fee-on-transfer tokens
Lines of code Vulnerability details Pools, vesting trees, and airdrop trees may all be created with fee-on-transfer tokens. When each of these entities is funded by a transfer in, their internal accounting assumes they receive the full amount transferred. However, they may actually receive fewer...
Fee-on-transfer tokens will mess up the internal accounting of the contract
Lines of code Vulnerability details Impact If the underlying token is a fee-on-transfer token, the amount of tokens that will be transferred to the contract isn't equal to the amount the supplyTokenTo tries to supply to the aave protocol, so the function will revert because the contract won't hav...
Unsupported fee-on-transfer tokens
Low-01 Unsupported fee-on-transfer tokens Impact When underlyingAssetAddress is fee-on-transfer tokens, in the supplyTokenTo function, the actual amount of tokens received by the contract will be less than the depositAmount, so that the subsequent pool.supply function will fail to execute. Proof ...
NFTLoanFacilitator: Unsupported fee-on-transfer tokens
Lines of code Vulnerability details Impact loanAssetContractAddress is specified by the user when the user creates a loan. When loanAssetContractAddress is fee-on-transfer tokens, in the lend function, the actual amount of tokens received by the contract will be less than the amount, so that the...
ERC4626 does not work with fee-on-transfer tokens
Lines of code Vulnerability details Impact The docs/video say ERC4626.sol is in scope as its part of TurboSafe The ERC4626.deposit/mint functions do not work well with fee-on-transfer tokens as the amount variable is the pre-fee amount, including the fee, whereas the totalAssets do not include th...
ERC20Vault does not support fee-on-transfer token
Handle gzeon Vulnerability details Impact ERC20Vault does not support fee-on-transfer token since it does not check the balance received by the contract. Proof of Concept for uint256 i = 0; i 0 IERC20tokensi.safeTransferFromfrom, addressthis, tokenAmountsi; actualTokenAmounts = pushtokens,...
function mint() No Tokens Will be Transfer to _recipient
Handle Meta0xNull Vulnerability details Impact mintrecipient, amount; At the end of mint, mint seems like responsible to transfer tokens to recipient but there is no code no function of mint in this contract. Thus No Tokens Will be Transfer to recipient. recipient who do not Receive Their Tokens...
Fee on transfer tokens do not work within the protocol
Handle tensors Vulnerability details Fee on transfer tokens transfer less tokens in than what would be expect. This means that the protocol request incorrect amounts when dealing with these tokens. The protocol should use stored token balances instead of transfer for calculating amounts. --- The...