Lucene search
K

125 matches found

Code423n4
Code423n4
added 2023/04/19 12:0 a.m.2 views

can open a position without any collateral in MintingHub.sol

Lines of code Vulnerability details Impact openPosition... function in MintingHub.sol ignores return value by challenge.position.collateral.transferFrom Several tokens do not revert in case of failure and return false. The require still pass but then, if the token used as collateral return false,...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2023/02/07 12:0 a.m.10 views

Unsafe token transfer in MultiRewardStaking and VaultController contracts

Lines of code Vulnerability details Impact The vulnerability in the MultiRewardStaking and VaultController contracts lies in the usage of the transfer and transferFrom functions, which does not provide the safety checks for the transfer of tokens, especially since the reward token can have...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2023/02/01 12:0 a.m.7 views

ERC20 TRANSFER AND TRANSFERFROM ARE NOT CHECKING FOR THE ZERO ADDRESS OF to AND from, DURING EXECUTION

Lines of code Vulnerability details Impact ERC20 standard tokens check for the != address0 condition in the transfer and transferFrom functions for the to address and from address in order to make sure funds are not transfered to zero address and balance is not updated in the balanceOf mapping fo...

7AI score
Exploits0
Code423n4
Code423n4
added 2023/01/19 12:0 a.m.15 views

LienToken.transferFrom There is a possibility of malicious attack

Lines of code Vulnerability details Impact Corrupt multiple key properties of public vault, causing vault not to function properly Proof of Concept When LienToken.makePayment/buyoutLien/payDebtViaClearingHouse If it corresponds to PublicVault, it will make multiple changes to the vault, such as:...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/12/21 12:0 a.m.15 views

Some NFTs could be possibly stuck and can not be withdrawn when removing the collateral

Lines of code Vulnerability details Impact When adding a collateral, the protocol transfers the NFT from the user to the contract by calling ERC721's transferFrom, and when removing the collateral, safeTransferFrom is called to allow for onReceive hook to be triggered as intended by the protocol...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/12/16 12:0 a.m.7 views

ERC20 can be mistakenly used instead of ERC721

Lines of code Vulnerability details Impact // Attempt to transfer token into this address try IERC721EnumerableUpgradeablesettings.token.transferFrom // @audit could use ERC20 here msg.sender, addressthis, settings.tokenId catch revert TOKENNEEDSTOBEAPPROVEDTOCONTRACT; Both ERC20 and ERC721 has t...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/12/16 12:0 a.m.10 views

IERC20.transfer does not support all ERC20 token

Lines of code Vulnerability details Impact Proof of Concept Token like USDT known for using non-standard ERC20. Missing return boolean on transfer. Contract function handleDeposit will always revert when try to transferfrom this kind of tokens. Tools Used manual review Recommended Mitigation Step...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/12/16 12:0 a.m.6 views

The transferFrom() method is used instead of safeTransferFrom(), which I assume is a gas-saving measure. I however argue that this isn’t recommended because:

Lines of code Vulnerability details Vulnerability Detail OpenZeppelin’s documentation discourages the use of transferFrom; use safeTransferFrom whenever possible The recipient could have logic in the startDraw, fwinnerClaimNFT, lastResortTimelockOwnerClaimNFT, function src/VRFNFTRandomDraw.sol-18...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/12/16 12:0 a.m.15 views

Ignored return value from "IERC20.transferFrom()"

Lines of code Vulnerability details Impact The return value from IERC20.transferFrom in "StableVault" was not checked, a malicious actor could first deposit a number of tokens without actually having it and then subsequently withdraw that amount of tokens from the "StableVault" Proof of Concept...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/12/12 12:0 a.m.8 views

unsafe transfer/TransferFrom breaks functionality of Collateral.sol

Lines of code Vulnerability details Description The ERC20 specification does not demand implementations to revert when the transfer and transferFrom functions fail. They may use the return value to signal the success code. Some tokens, like ZRX, indeed don't revert. In Collateral deposit and...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/10/21 12:0 a.m.8 views

Upgraded Q -> M from 796 [1666363133014]

Judge has assessed an item in Issue 796 as Medium risk. The relevant finding follows: L‑01 Use of transferFrom rather than safeTransferFrom for NFTs in will lead to the loss of NFTs The EIP-721 standard says the following about transferFrom: /// @notice Transfer ownership of an NFT -- THE CALLER ...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/10/21 12:0 a.m.15 views

Upgraded Q -> M from 236 [1666363743332]

Judge has assessed an item in Issue 236 as Medium risk. The relevant finding follows: ERC721 token can be lost in fillAsk PROBLEM When a user fills an ask order by calling fillAsk, the ERC721.transferFrom method is used to transfer the NFT to the receiver. Should the receiver be a smart contract...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/10/12 12:0 a.m.10 views

# ERC20 transfer / transferFrom with not checked return value

Lines of code Vulnerability details ERC20 transferFrom with not checked return value Impact Not every ERC20 token follows OpenZeppelin's recommendation. It's possible inside ERC20 standard that a transferFrom doesn't revert upon failure but returns false. Proof of Concept ERC20 transferFrom...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/10/11 12:0 a.m.13 views

UNSAFE USAGE OF ERC20 TRANSFERFROM

Lines of code Vulnerability details Impact Ignores return value from L1GraphTokenGateway.finalizeInboundTransfer and L1GraphTokenGateway.outboundTransfer Not tracking values returned by token transfer from. finalizeInboundTransfer When escrow not approve for L1GraphTokenGateway or allowance is no...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/10/09 12:0 a.m.13 views

Unchecked transfer/transferFrom return can lead to protocol lose of funds

Lines of code Vulnerability details Impact It is good to add a require statement that checks the return value of token transfers or to use something like OpenZeppelin's safeTransfer/safeTransferFrom unless one is sure the given token reverts in case of a failure. Failure to do so will cause silen...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/09/27 12:0 a.m.9 views

Can Recover Gobblers Burnt In Legendary Mint

Lines of code Vulnerability details Impact Allows users to mint legendary Gobblers for free assuming they have the necessary amount of Gobblers to begin with. This is achieved by "reviving" sacrificed Gobblers after having called mintLegendaryGobbler. Severity Justification This vulnerability...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2022/09/27 12:0 a.m.8 views

Allowance isn't deleted when burning gobblers in mintLegendaryGobbler()

Lines of code Vulnerability details Impact Legendary gobblers can be minted for free. Proof of Concept A simple attack allows anyone with enough gobblers to pay for a legendary to get it for free Step by step attack : -Attacker has 69 gobblers and gives approval of all of them to himself -Attacke...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2022/09/26 12:0 a.m.7 views

after mintLegendaryGobbler(), the burned Gobbler can be transferred back

Lines of code Vulnerability details Impact mintLegendaryGobbler burn Gobbler only set the owner=address0, and did not clear getApprovedid, resulting in the transferFrom can be called to transfer back to old owner Proof of Concept Suppose users0 has Gobbler1 steps: step 1:users0 call...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/09/25 12:0 a.m.12 views

Mint legendary gobbler for free

Lines of code Vulnerability details Impact Minting a legendary gobbler does not delete getApproved, thus an owner can approve himself before minting the legendary and later transfer back these ordinary gobblers. mintLegendaryGobbler performs an imitation of burning by setting an owner to address0...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2022/09/19 12:0 a.m.17 views

Using transferfrom on ERC721 tokens

Lines of code Vulnerability details Impact In the function createParty of contract Crowdfund.sol, when transferring the acquired NFTs to the new party, the transferFrom function is called instead of safeTransferFrom. If the addressparty is a contract address that doesn't support ERC721 tokens , t...

6.7AI score
Exploits0
Rows per page
Query Builder