Lucene search
K

22 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2023/11/09 12:58 p.m.6 views

Malicious code in vader-pack (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3f1011ad5820edf4133971eeebc94ab36b715c17b0f12059f941506ec89ec64e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score
Exploits0References1
OSV
OSV
added 2023/11/09 12:58 p.m.6 views

MAL-2023-8496 Malicious code in vader-pack (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3f1011ad5820edf4133971eeebc94ab36b715c17b0f12059f941506ec89ec64e Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7AI score
Exploits0References1
Code423n4
Code423n4
added 2022/09/08 12:0 a.m.9 views

# WRONG DESIGN/IMPLEMENTATION OF ADDLIQUIDITY() ALLOWS ATTACKER TO STEAL FUNDS FROM THE LIQUIDITY POOL

Lines of code Vulnerability details The current design/implementation of Vader pool allows users to addLiquidity using arbitrary amounts instead of a fixed ratio of amounts in comparison to Uni v2. We believe this design is flawed and it essentially allows anyone to manipulate the price of the po...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/12/24 12:0 a.m.9 views

Vader TWAP averages wrong

Handle cmichel Vulnerability details The vader price in LiquidityBasedTWAP.getVaderPrice is computed using the pastLiquidityWeights and pastTotalLiquidityWeight return values of the syncVaderPrice. The syncVaderPrice function does not initialize all weights and the total liquidity weight does not...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2021/12/24 12:0 a.m.10 views

USDV TWAP averages wrong

Handle cmichel Vulnerability details The vader price in LiquidityBasedTWAP.getUSDVPrice is computed using the pastLiquidityWeights and pastTotalLiquidityWeight return values of the syncUSDVPrice. The syncUSDVPrice function does not initialize all weights and the total liquidity weight does not...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2021/12/23 12:0 a.m.9 views

vader price is wrong

Handle danb Vulnerability details for tokens that are not updating in syncVaderPrice because their updatePeriod is greated than timeElapsed, their liquidty weight will be zero, it will make the vader price wrong when calling getVaderPrice and it can be exploited. Recommended Mitigation Steps move...

7AI score
Exploits0
Code423n4
Code423n4
added 2021/12/23 12:0 a.m.9 views

previousPrices Is Never Updated Upon Syncing Token Price

Handle leastwood Vulnerability details Impact The LiquidityBasedTWAP contract attempts to accurately track the price of VADER and USDV while still being resistant to flash loan manipulation and short-term volatility. The previousPrices array is meant to track the last queried price for the two...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/12/22 12:0 a.m.10 views

Reserve does not properly apply prices of VADER and USDV tokens

Handle TomFrenchBlockchain Vulnerability details Impact Reserve pays out vastly higher or lower IL protection than it should Proof of Concept Consider the lines 98 and 102 as shown on the link below: Here we multiply the IL experienced by the LP by a price for USDV or VADER as returned by the LBT...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/12/22 12:0 a.m.10 views

Oracle returns an improperly scaled USDV/VADER price

Handle TomFrenchBlockchain Vulnerability details Impact Invalid values returned from oracle in vast majority of situations Proof of Concept The LBT oracle does not properly scale values when calculating prices for VADER or USDV. To show this we consider the simplest case where we expect USDV to...

7AI score
Exploits0
Code423n4
Code423n4
added 2021/12/22 12:0 a.m.9 views

Users can lock themselves out of being able to convert VETH, becoming stuck with the deprecated asset

Handle TomFrenchBlockchain Vulnerability details I've put this as a medium issue as we're leaking value as users are stuck with assets which are likely to be worth much less as they are deprecated. It could also be low as it's not exploitable by outside parties and the loss isn't taken by the...

6.6AI score
Exploits0
Code423n4
Code423n4
added 2021/12/21 12:0 a.m.10 views

Oracle doesn't calculate USDV/VADER price correctly

Handle TomFrenchBlockchain Vulnerability details Impact Invalid values returned from oracle for USDV and VADER prices in situations where the oracle uses more than one foreign asset. Proof of Concept The USDV price is calculated as so for simplicity we'll consider a two pairs: totalUSD =...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/12/21 12:0 a.m.7 views

USDV uses incorrect exchange rate for burning

Handle TomFrenchBlockchain Vulnerability details Impact A money pump exists whenever VADER is worth more than $1. Proof of Concept When minting USDV, the amount minted is uAmount = vPrice vAmount / 1e18 where vPrice is the price of VADER in terms of USD. When burning USDV, the amount of VADER...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/12/21 12:0 a.m.6 views

LPs of VaderPoolV2 can manipulate pool reserves to extract funds from the reserve.

Handle TomFrenchBlockchain Vulnerability details Resubmission as the form crashed apologies if this is a duplicate Impact Impermanent loss protection can be exploited to drain the reserve. Proof of Concept In VaderPoolV2.burn we calculate the current losses that the LP has made to impermanent los...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2021/12/21 12:0 a.m.10 views

VaderReserve.reimburseImpermanentLoss improperly converts USDV to VADER

Handle TomFrenchBlockchain Vulnerability details Impact IL isn't properly converted from being in terms of USDV to VADER, resulting in reserve paying out incorrect amount. Proof of Concept VaderReserve.reimburseImpermanentLoss receives an amount in terms of USDV and converts this to an amount of...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2021/11/15 12:0 a.m.7 views

Unrestricted vestFor

Handle pauliax Vulnerability details Impact Anyone can call function vestFor and block any user with a tiny amount of Vader. This function has no auth checks so a malicious actor can front-run legit vestFor calls with insignificant amounts. This function locks the user for 365 days and does not...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/11/15 12:0 a.m.7 views

Vests can be denied

Handle cmichel Vulnerability details The LinearVesting.vestFor function which is called by Converter reverts if there already exists a vest for the user: require vestuser.amount == 0, "LinearVesting::selfVest: Already a vester" ; There's an attack where a griefer frontruns the vestFor call and...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/11/15 12:0 a.m.11 views

Wrong design/implementation of addLiquidity() allows attacker to steal funds from the liquidity pool

Handle WatchPug Vulnerability details The current design/implementation of Vader pool allows users to addLiquidity using arbitrary amounts instead of a fixed ratio of amounts in comparison to Uni v2. We believe this design is flawed and it essentially allows anyone to manipulate the price of the...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/11/15 12:0 a.m.9 views

Synth tokens can get over-minted

Handle WatchPug Vulnerability details Per the document: It also is capable of using liquidity units as collateral for synthetic assets, of which it will always have guaranteed redemption liquidity for. However, in the current implementation, Synth tokens are minted based on the calculation result...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2021/11/15 12:0 a.m.9 views

Potential economic attack that exploits IL coverage

Handle WatchPug Vulnerability details The current implementation of Vader protocol provides impermanent loss coverage calculated as below: function calculateLoss uint256 originalVader, uint256 originalAsset, uint256 releasedVader, uint256 releasedAsset public pure returns uint256 loss // // TODO:...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/11/09 12:0 a.m.9 views

Should a Chainlink aggregator become stuck in a stale state then TwapOracle will become irrecoverably broken

Handle TomFrench Vulnerability details Impact Inability to call consult on the TwapOracle and so calculate the exchange rate between USDV and VADER. Proof of Concept Should any of the Chainlink aggregators used by the TwapOracle becomes stuck in such a state that the check on L143-146 of...

6.9AI score
Exploits0
Rows per page
Query Builder