13 matches found
Towards Verifiability of Total Value Locked (TVL) in Decentralized Finance
Total Value Locked TVL aims to measure the aggregate value of cryptoassets deposited in Decentralized Finance DeFi protocols. Although blockchain data is public, the way TVL is computed is not well understood. In practice, its calculation on major TVL aggregators relies on self-reports from...
Breakthrough for Solv Protocol: $1 Billion TVL, Now a Top 32 DeFi Player
By Uzair Amir New York City, May 22 – Solv Protocol, a unified yield and liquidity layer for major digital assets,… This is a post from HackRead.com Read the original post: Breakthrough for Solv Protocol: $1 Billion TVL, Now a Top 32 DeFi Player...
Compound charges are sent to GeVault, making them potentially vulnerable to theft
Lines of code Vulnerability details Impact In the previous version, the compound fee would be saved in the TokenisableRange before being deposited into LP, and would be deposited into LP after reaching 1%. After reconstruction, the fees are sent directly to GeVault for distribution through getTVL...
Attacker can manipulate low TVL Uniswap V3 pool to borrow and swap to make Lending Pool in loss.
Lines of code Vulnerability details Impact In Paraspace protocol, any Uniswap V3 position that are consist of ERC20 tokens that Paraspace support can be used as collateral to borrow funds from Paraspace pool. The value of the Uniswap V3 position will be sum of value of ERC20 tokens in it. functio...
TWAP LP price manipulation
Lines of code Vulnerability details Impact The total value locked sum of the pair is used to price the LP. But the reserves of the underlying can be easily influenced by flashloan, then the TVL can vary dramatically.Just like what happened before here Warp. Although getPriceLP use TWAP to calcula...
Dividing before multiplying can cause data loss
Lines of code Vulnerability details Impact Note: I'll use the notation decimals here to represent 10 token.decimals, just like th variable defined in the BaseV1Router.getPriceLP function. In the BaseV1Router.getPriceLP function, the token0 TVL is calculated in terms of NOTE, by multiplying the TV...
Big deposits will revert
Handle pedroais Vulnerability details Impact Big deposits will revert Proof of Concept If a deposit is greater than the total deposited the transaction will revert. In this line of code totalTokenBalanceStakers - amount is computed. If amount is bigger than TVL staking will revert. I consider thi...
Withdraw from AaveVault will receive less than actual share
Handle gzeon Vulnerability details Impact AaveVault cache tvl and update it at the end of each push and pull. When withdrawing from LpIssuer, tokenAmounts is calculated using the cached tvl to be pulled from AaveVault. This will lead to user missing out their share of the accrued interest /...
Possible price manipulation while adding liquidity to uniV3
Handle 0x421f Vulnerability details Right now if we see the code there are no checks before liq being added to check if pool is manipulated. Hence there rises possibility of sandwich attack vector here, more so with concentrated liq imo Could be done with flash loan or with own tokens Attack woul...
UniV3Vault.sol#collectEarnings() can be front run
Handle WatchPug Vulnerability details For UniV3Vault, it seems that lp fees are collected through collectEarnings callable by the strategy and reinvested rebalanced. However, in the current implementation, unharvested yields are not included in tvl, making it vulnerable to front-run attacks that...
AaveVault is vulnerable to flashloan sandwich attack
Handle WatchPug Vulnerability details In the current implementation of AaveVault, tvl is only updated after each deposit/withdraw, which means unclaimed yields won't be included in tvl until someone deposit/withdraw, making it vulnerable to flashloan sandwich attack that steals pending yields. Po...
Consider fees while calculating tvl of univ3
Handle 0x421f Vulnerability details As of now fees owed are not being considered I think here due to this A comes in deposits at time X his deposit genrates fess Now though B comes later, he gets unfair adv from As deposit Just use pool.burn to update fees I think --- The text was updated...
Missing events/timelocks for owner/admin only functions that change critical parameters
Handle defsec Vulnerability details Impact Owner/admin only functions that change critical parameters should emit events and have timelocks. Events allow capturing the changed parameters so that off-chain tools/interfaces can register such changes with timelocks that allow users to evaluate them...