10190 matches found
ALMOST DEPRECATED TRANSFER() IS USED TO WITHDRAW ETHER
Lines of code Vulnerability details Impact transfer function can cause withdrawal to fail Proof of Concept function withdraw(address assetAddress, address to, uint256 amount) public { LibDiamond.enforceIsContractOwner(); address sendTo = to == address(0) ? msg.sender : to; uint256 assetBalance; if...
EIP-712 signatures can be re-used in private sales
Lines of code Vulnerability details Impact Within a NFTMarketPrivateSale contract, buyers are allowed to purchase a seller's NFT. This is done through a seller providing a buyer a EIP-712 signature. The buyer can then call buyFromPrivateSaleFor providing the v, r, and s values of the signature as...
Chainlink's latestRoundData might return stale or incorrect results
Handle cccz Vulnerability details Impact On Cvx3CrvOracle.sol, we are using latestRoundData, but there is no check if the return value indicates stale data. This could lead to stale prices according to the Chainlink documentation: function peek(bytes6 base, bytes6 quote, uint256 baseAmount) privat...
Initial pool deposit can be stolen
Handle cmichel Vulnerability details Note that the PoolTemplate.initialize function, called when creating a market with Factory.createMarket, calls a vault function to transfer an initial deposit amount conditions1 from the initial depositor references4: // PoolTemplate function initialize string...
Reentrancy vulnerability in Basket contract's initialize() method.
Handle broccolirob Vulnerability details A malicious "publisher" can create a basket proposal that mixes real ERC20 tokens with a malicious ERC20 token containing a reentrancy callback in its approve method. When the initialize method is called on the newly cloned Basket contract, a method calle...
Fee boundaries are not validated
Handle pauliax Vulnerability details Impact OverlayV1Mothership has declared variables named MINFEE and MAXFEE, or MINMARGINMAINTENANCE and MAXMARGINMAINTENANCE, however, none of these variables are used anywhere, e.g. I expected to see a fee validated with these min/max boundaries, but now...
Zap contract's redeem() function might transfer more tokens than the user should be able to receive
Handle Ruhum Vulnerability details Impact The redeem function transfers the whole balance of the specified token to the user. That can be more than the amount the user should receive. Because at the time of the call to redeem the Zap contract's balance of the passed token might not be 0. Proof of...
MochiTreasuryV0.sol Is Unusable In Its Current State
Handle leastwood Vulnerability details Impact MochiTreasuryV0.sol interacts with Curve's voting escrow contract to lock tokens for 90 days, where it can be later withdrawn by the governance role. However, VotingEscrow.vy does not allow contracts to call the following functions: create_lock,...
Avoid Using Block.timestamp in checkClaimable
Handle Koustre Vulnerability details Impact The checkClaimable function depends on block.timestamp, which can be manipulated to claim funds earlier than intended in the functions claim, forceClaim and lock. Proof of Concept Provide direct links to all referenced code in GitHub. Add...
PoolCommitter.sol#commit() Calculation of amountOut is wrong
Handle WatchPug Vulnerability details else if commitType == CommitType.LongBurn // long burning: pull in long pool tokens from committer // A theoretical amount based on current ratio. Used to get same units as minimumCommitSize uint256 amountOut = PoolSwapLibrary.getWithdrawAmountOnBurn...
Wrong keeper reward computation
Handle cmichel Vulnerability details The PoolKeeper.keeperReward computation mixes WADs and Quads which leads to issues. 1. Note that keeperTip returns values where 1 = 1%, and 100 = 100%, the same way BASETIP = 5 = 5%. Thus tipPercent = ABDKMathQuad.fromUInt(keeperTip) is a Quad value of this keep...
Can reclaim the same incentive multiple times
Handle pauliax Vulnerability details Impact function reclaimIncentive can be invoked more than once for the same incentiveId. If there were multiple incentives for the same token it would allow to drain these tokens by repeatedly calling reclaimIncentive. Recommended Mitigation Steps Simple...
onlyAdmin Role May Unintentionally Cause Issues in the Underlying Protocol
Handle leastwood Vulnerability details Impact The onlyAdmin role points to an EOA account managed by the Swivel team. Withdrawals from the Swivel protocol have to be scheduled by the onlyAdmin role, ensuring that users have sufficient time to withdraw, if required. The setFee function in Swivel.s...
Erc20.approve() doesn't work on non-standard compliant tokens like USDT
Handle pants Vulnerability details Non-standard compliant tokens like USDT don't return a return value on approve. The function Erc20.approve reverts if the token doesn't return a return value, as it is defined to always return a boolean. Impact When using any non-standard compliant token like...
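The USDT behaviour described in the finding above, as an added example that is not the Erc20 library from the report: a tolerant approve helper that accepts tokens returning nothing, tokens returning false, and USDT's rule that a non-zero allowance must be reset to zero before it can be changed. The `NoReturnToken` mock and the `Consumer` contract are constructed for this example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

interface IERC20 {
    function approve(address spender, uint256 amount) external returns (bool);
}

/// Added example, not any project's code. Mirrors the shape of OpenZeppelin's
/// SafeERC20.forceApprove: never rely on a boolean return the token may not provide.
library SafeApprove {
    /// Low-level approve that treats "reverted" and "returned false" as failure,
    /// and "returned nothing" (USDT) as success.
    function _tryApprove(address token, address spender, uint256 amount) private returns (bool) {
        (bool ok, bytes memory ret) = token.call(abi.encodeCall(IERC20.approve, (spender, amount)));
        if (!ok || token.code.length == 0) return false; // reverted, or target is an EOA (a call to an EOA "succeeds" with empty data)
        if (ret.length == 0) return true;                 // non-standard token: no return value at all
        return ret.length >= 32 && abi.decode(ret, (bool));
    }

    function safeApprove(address token, address spender, uint256 amount) internal {
        if (_tryApprove(token, spender, amount)) return;
        // USDT rejects non-zero -> non-zero changes: reset to zero, then set the new allowance.
        require(_tryApprove(token, spender, 0), "approve reset failed");
        require(_tryApprove(token, spender, amount), "approve failed");
    }
}

/// USDT-like mock (constructed for the example): approve returns nothing and
/// reverts when an existing non-zero allowance is changed to another non-zero value.
contract NoReturnToken {
    mapping(address => mapping(address => uint256)) public allowance;

    function approve(address spender, uint256 amount) external {
        require(amount == 0 || allowance[msg.sender][spender] == 0, "reset allowance first");
        allowance[msg.sender][spender] = amount;
    }
}

/// Caller that would revert with a strict `IERC20.approve` interface on NoReturnToken
/// (the ABI decoder expects 32 bytes of return data) but works through SafeApprove.
contract Consumer {
    using SafeApprove for address;

    function grant(address token, address spender, uint256 amount) external {
        token.safeApprove(spender, amount);
    }
}
```

Calling `Consumer.grant(usdtLike, spender, 100)` and then `grant(usdtLike, spender, 200)` exercises both paths: the first approve succeeds directly, the second fails the non-zero to non-zero rule, is reset to zero and then retried. The `token.code.length` check matters because a `call` to an address with no code returns success with empty data, which the "empty means success" rule would otherwise misread.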
Router's complexPath percentagePaths don't work as expected
Handle cmichel Vulnerability details The TridentRouter.complexPath function allows splitting a trade result into several buckets and trade them in a different pool each. The distribution is defined by the params.percentagePath[i].balancePercentage values: for (uint256 i; i...
If newRatio can differ drastically from the old ibRatio attacks could take place
Handle tensors Vulnerability details Impact Consider L91 in Auction.sol. I'm not sure what the logic for updating the ibRatio in this case is. If the newRatio is larger/smaller than the old ibRatio then a user can mint/burn tokens in the basket contract, update the ratio, then burn/mint the...
Re-entrancy in settleAuction allow stealing all funds
Handle cmichel Vulnerability details Note that the Basket contract approved the Auction contract with all tokens and the settleAuction function allows the auction bonder to transfer all funds out of the basket to themselves. The only limiting factor is the check afterwards that needs to be abided...
use of transfer() instead of call() to send eth
Handle JMukesh Vulnerability details Impact Use of transfer might render ETH impossible to withdraw because after the Istanbul hardfork, there is an increase in the gas cost of the SLOAD operation and therefore it breaks some existing smart contracts. Those contracts will break because their fallback...
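The two findings above (transfer() used to withdraw ether, and transfer() instead of call()) describe the same failure mode: `transfer` forwards a fixed 2300-gas stipend, so any recipient whose receive()/fallback() writes storage (a multisig, a proxy that SLOADs its implementation, a contract that logs deposits) reverts and can never be paid. The following added example, which is not code from either report, shows the fragile withdraw beside a hardened one that uses `call` with checks-effects-interactions and a reentrancy guard; the contract names and the simple guard are this example's own.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added example. Both withdraw variants debit the caller's balance; only the
/// second can pay a contract recipient that needs more than 2300 gas.
contract WithdrawExample {
    mapping(address => uint256) public balances;
    uint256 private _locked; // 0 = unlocked, 1 = locked (minimal guard for the example)

    modifier nonReentrant() {
        require(_locked == 0, "reentrant call");
        _locked = 1;
        _;
        _locked = 0;
    }

    function deposit() external payable {
        balances[msg.sender] += msg.value;
    }

    /// FRAGILE: `transfer` forwards only 2300 gas. A cold SSTORE in the
    /// recipient's receive() alone costs far more, so the send reverts and the
    /// recipient's funds are stuck. Gas repricings (EIP-1884 raised SLOAD to
    /// 800) have already broken recipients that once fit in the stipend.
    function withdrawWithTransfer(uint256 amount) external {
        balances[msg.sender] -= amount; // 0.8 checked arithmetic reverts on overdraw
        payable(msg.sender).transfer(amount);
    }

    /// HARDENED: effect (balance update) before interaction, reentrancy guard,
    /// then `call` forwarding all gas. Forwarding gas lets the recipient
    /// reenter, which is exactly why the guard and the ordering are required.
    function withdrawWithCall(uint256 amount) external nonReentrant {
        balances[msg.sender] -= amount;
        (bool ok, ) = payable(msg.sender).call{value: amount}("");
        require(ok, "ETH transfer failed"); // never drop the return value of call
    }
}

/// A recipient `transfer()` cannot pay: its receive() writes storage.
/// Depositing from this contract and then calling withdrawWithTransfer reverts;
/// withdrawWithCall succeeds.
contract StorageWritingReceiver {
    uint256 public received;

    receive() external payable {
        received += msg.value;
    }
}
```

When reviewing code that still uses `transfer` or `send`, the question to ask is whether every possible recipient is known to fit in the stipend; for user-supplied addresses it never is, so the `call` form with an explicit success check is the default.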
Ether will get stuck in ERC20TokenEmitter
Lines of code Vulnerability details ERC20TokenEmitter.sol:buyToken distributes the funds sent to purchase the tokens in the following way: 2.5% of the funds are sent to the RevolutionProtocolRewards contract. From the remaining funds, a percentage dependent on the creatorRateBps variable is sent ...
Liquidation condition should not factor the liquidation reward into the premiums
Lines of code Vulnerability details Summary The premiums used to determine the liquidation condition have the liquidation reward already discounted, potentially causing a lien to be considered underwater while technically it is not. Impact Positions in Particle LAMM can be liquidated if the owed...
increaseLiquidity/decreaseLiquidity Lack of slippage protection
Lines of code Vulnerability details In ParticlePositionManager.mint, there is slippage protection via params.amount0Min / params.amount1Min. But in increaseLiquidity, pool.mint is also executed and there is no slippage protection: function increaseLiquidity(uint256 tokenId,...
Users receive fewer tokens due to inaccuracy in calculation
Lines of code Vulnerability details Impact There is a loss of precision in the VRGDAC.yToX function, because in several places division occurs first, and then the result is multiplied. This results in users receiving fewer tokens. According to test data, the difference can be 8 digits. The choice...
Signature Malleability in CultureIndex::_verifyVoteSignature function
Lines of code Vulnerability details Impact The elliptic curve used in Ethereum for signatures is symmetrical, hence for every v,r,s there exists another v,r,s that returns the same valid result. Therefore two valid signatures exist which allows attackers to compute a valid signature without knowi...
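The two signature findings above (EIP-712 signatures reusable in private sales, and signature malleability in _verifyVoteSignature) are closed by the same verifier discipline: bind the signed message to a nonce, a deadline and the intended counterparty, consume the nonce before any external call, and reject the non-canonical (high-s) encoding so that the malleated twin (r, n - s, flipped v) of a valid signature is never accepted. The following is an added example, not the NFTMarketPrivateSale or CultureIndex code; the struct type, domain name and the `PrivateSaleVoucher` contract are assumptions of this example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

interface IERC721 {
    function safeTransferFrom(address from, address to, uint256 tokenId) external;
}

/// Added example: single-use, buyer-bound EIP-712 voucher with strict ECDSA checks.
contract PrivateSaleVoucher {
    // secp256k1 n/2: any s above this is the "high-s" encoding that EIP-2 forbids.
    uint256 private constant _HALF_N =
        0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0;
    bytes32 private constant _TYPEHASH = keccak256(
        "PrivateSale(address seller,address buyer,uint256 tokenId,uint256 price,uint256 nonce,uint256 deadline)"
    );

    IERC721 public immutable nft;
    bytes32 public immutable DOMAIN_SEPARATOR;
    mapping(address => uint256) public nonces; // next nonce each seller must sign with

    constructor(IERC721 _nft) {
        nft = _nft;
        DOMAIN_SEPARATOR = keccak256(abi.encode(
            keccak256("EIP712Domain(string name,string version,uint256 chainId,address verifyingContract)"),
            keccak256("PrivateSaleExample"), keccak256("1"), block.chainid, address(this)
        ));
    }

    /// Strict recovery: canonical s and v only, and never address(0).
    /// Raw ecrecover accepts both (r, s, v) and (r, n - s, v ^ 1); the first
    /// require rejects the second form, so each message has one valid encoding.
    function recoverSigner(bytes32 digest, uint8 v, bytes32 r, bytes32 s) public pure returns (address) {
        require(uint256(s) <= _HALF_N, "malleable signature (high s)");
        require(v == 27 || v == 28, "invalid v");
        address signer = ecrecover(digest, v, r, s);
        require(signer != address(0), "invalid signature");
        return signer;
    }

    function buyFromPrivateSale(
        address seller, uint256 tokenId, uint256 price, uint256 deadline,
        uint8 v, bytes32 r, bytes32 s
    ) external payable {
        require(block.timestamp <= deadline, "voucher expired");
        require(msg.value == price, "wrong price");

        uint256 nonce = nonces[seller]++; // consumed before any external call: no replay, no reentrant reuse
        bytes32 structHash = keccak256(abi.encode(
            _TYPEHASH, seller, msg.sender, tokenId, price, nonce, deadline
        ));
        bytes32 digest = keccak256(abi.encodePacked("\x19\x01", DOMAIN_SEPARATOR, structHash));
        require(recoverSigner(digest, v, r, s) == seller, "not signed by seller");

        nft.safeTransferFrom(seller, msg.sender, tokenId); // seller must have approved this contract
        (bool ok, ) = seller.call{value: msg.value}("");
        require(ok, "payment failed");
    }
}
```

Because the buyer address is part of the signed struct, a voucher leaked from one private sale cannot be redeemed by anyone else, and because the nonce is incremented before the signature is even checked, neither a second submission nor the high-s twin of the first signature can re-trigger the sale. A contract that must accept signatures in arbitrary order can replace the counter with a `mapping(bytes32 => bool) used` keyed on the struct hash; the malleability check stays the same.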
Issue with Decimal Conversion in Shell Protocol
Lines of code Vulnerability details Impact The identified issue within the convertDecimals function in the Shell Protocol could lead to a loss of value due to decimal truncation during token conversions. This situation is particularly critical in the context of Shell Protocol's operations, which...
Calls to get_virtual_price() are vulnerable to read-only reentrancy
Lines of code 117 Vulnerability details get_virtual_price was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a partially-modified state, and...
The initial deposit of an asset will always fail due to the fact that getTotalAssetDeposits() returns 0.
Lines of code Vulnerability details Impact The LRTDepositPool.depositAsset function is employed for users to deposit supported assets. This function relies on LRTDepositPool.getTotalAssetDeposits to determine the amount of rsETH to be minted. However, the absence of initial deposits in the...
Missing sanity checks in Chainlink response
Lines of code Vulnerability details Summary Chainlink responses from price feeds are being used without any sanity checks. Impact The ChainlinkPriceOracle contract is used to interface with the Chainlink price feeds for the different LST assets in scope in the protocol. The current implementation...
stETH/ETH, rETH/ETH and cbETH/ETH chainlink oracles has too long of heartbeat and deviation threshold which can cause loss of funds
Lines of code Vulnerability details ChainlinkPriceOracle fetches prices from the Chainlink contracts. But the price feeds in the consideration has a very long price heartbeat and deviation rate which might lead to wrong price calculation and loss of token to the user. Impact According to the...
User loses his delegated voting power after delegation to another user.
Lines of code Vulnerability details Vulnerability Details When a user delegates voting power to another user, his previous voting power from delegation is ignored at getVotingPowerAt, since when isDelegated is true getVotingPowerAt returns 0. Impact Delegated voting power cannot be utilize...
Chainlink oracle will return the wrong price for asset if underlying aggregator hits minAnswer / max answer
Lines of code Vulnerability details Impact Chainlink oracle will return the wrong price for asset if underlying aggregator hits minAnswer / max answer and the deposit asset can be wrongly valued, leads to overborrowing Proof of Concept Chainlink aggregators have a built in circuit breaker if the...
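The four Chainlink findings above (stale latestRoundData, missing sanity checks, long heartbeats, and aggregator minAnswer/maxAnswer clamping) are all addressed by validating each field of the round before using the answer. The following is an added example and not the Cvx3CrvOracle or ChainlinkPriceOracle code: the `AggregatorV3Interface` subset is Chainlink's real interface, while the `CheckedChainlinkOracle` contract, the per-feed config (heartbeat and the min/max band copied from the underlying aggregator, which the proxy interface does not expose) and the five-minute grace period are this example's assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Subset of Chainlink's AggregatorV3Interface.
interface AggregatorV3Interface {
    function decimals() external view returns (uint8);
    function latestRoundData() external view
        returns (uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound);
}

/// Added example: every field of the round is checked before the answer is trusted.
contract CheckedChainlinkOracle {
    struct FeedConfig {
        AggregatorV3Interface feed;
        uint256 heartbeat;  // the feed's documented heartbeat in seconds (e.g. 3600 or 86400; per feed)
        int256 minAnswer;   // minAnswer/maxAnswer of the underlying aggregator (read off-chain, stored here)
        int256 maxAnswer;
    }

    uint256 public constant GRACE = 300; // tolerated propagation delay past the heartbeat (assumption)
    address public immutable owner;
    mapping(address => FeedConfig) public feeds;

    constructor() { owner = msg.sender; }

    function setFeed(address asset, FeedConfig calldata cfg) external {
        require(msg.sender == owner, "not owner");
        require(address(cfg.feed) != address(0) && cfg.heartbeat > 0, "bad feed");
        require(cfg.minAnswer < cfg.maxAnswer, "bad band");
        feeds[asset] = cfg;
    }

    /// Price scaled to 18 decimals; reverts rather than returning a doubtful value.
    function getPrice(address asset) external view returns (uint256) {
        FeedConfig memory cfg = feeds[asset];
        require(address(cfg.feed) != address(0), "unknown asset");

        (uint80 roundId, int256 answer, , uint256 updatedAt, uint80 answeredInRound) =
            cfg.feed.latestRoundData();

        require(answer > 0, "non-positive answer");
        require(updatedAt != 0 && updatedAt <= block.timestamp, "round not complete");
        require(block.timestamp - updatedAt <= cfg.heartbeat + GRACE, "stale price");
        require(answeredInRound >= roundId, "stale round");
        // Circuit-breaker band: an answer sitting on minAnswer or maxAnswer means
        // the market price left the band and the aggregator is clamping, so the
        // reported value is the bound, not the price (the LUNA-style failure).
        require(answer > cfg.minAnswer && answer < cfg.maxAnswer, "answer at circuit breaker");

        uint8 dec = cfg.feed.decimals();
        return dec <= 18 ? uint256(answer) * 10 ** (18 - dec) : uint256(answer) / 10 ** (dec - 18);
    }
}
```

The heartbeat must be configured per feed, not as one global constant: a 24-hour heartbeat feed with a 2% deviation threshold can legitimately report a price that is a day old and 2% off, which is the loss the third finding above describes, and a consumer that cannot tolerate that should use a tighter feed or a second source rather than a longer timeout. `answeredInRound` is deprecated on newer OCR feeds (it always equals `roundId`), so that check is kept for older aggregators and is harmless on new ones.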
MEV bot can frontrun user's repayment to liquidate user first when the OmniPool is unpaused
Lines of code Vulnerability details Impact MEV bot can frontrun user's repayment to liquidate user first when the OmniPool is unpaused Proof of Concept this report tries to combine a few issues 1. when OmniPool is paused, interest is still accruing 2. when OmniPool is paused, user cannot repay 3...
stakers can withdraw reward without waiting the vesting period
Lines of code Vulnerability details Impact stakers can frontrun a reward-giving transaction by monitoring the mempool for the function transferInRewards, staking before it, and then unstaking after it to get rewards, if the cooldown is off. Proof of Concept imagine a scenario where the cooldown peri...
wrong implementation of bipDiv.
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Tools Used Recommended Mitigation Steps function...
DoS Any Controller by Frontrunning Creation with a Codehash Change
Lines of code Vulnerability details Impact Any controller contract can be DoSed by sending a 1 wei transaction to the controller address that will be created for a user. When an account has no code and has never been interacted with, the codehash will be bytes32(0). This will result in controller...
Compiler version used by Brahma contracts may introduce permanent bugs in the future
Lines of code Vulnerability details Impact Lack of upgradeability of protocol to adapt with new pragma version may introduce a risk of being targeted by malicious actors if the pragma version 0.8.19 introduce bugs in the future. Here's the list of previous solidity compiler bugs for your referenc...
checkAfterExecution() function has a design flaw
Lines of code Vulnerability details Impact checkAfterExecution function has a design flaw. It may cause some dangerous problems, such as: signers can change the threshold of the vault, giving themselves increased control over future transactions and breaking an important trust assumption of the...
Executor can effectively bypass _checkSubAccountSecurityConfig by adding a new Module
Lines of code Vulnerability details Impact An Executor is an account authorized to perform module execution on a subAccount through the ExecutorPlugin. Gnosis Safe Modules manage to bypass the entire guard logic. Safe 1.5 has that new guard hook, but there's also no hook logic done in Brahma. For...
OpenZeppelin 's recent v5.0.0 release includes many changes to libraries/contracts that can directly affect ERC20MultiDelegate functionality
Lines of code Vulnerability details Impact OpenZeppelin just released v5.0.0, and there happen to be several significant changes that directly affect the ERC20MultiDelegate implementation, directly and indirectly, via packages used and inherited from. Here’s a link to the release: Below is a...
Assembly proxy creation lacks bytecode validation, enabling arbitrary contract deployment.
Lines of code Vulnerability details Impact The proxy contract creation uses assembly to compute the create2 address. But it does not verify the deployed bytecode matches expectations. The use of assembly for proxy contract creation has potential risks if the bytecode is not validated. This could...
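The codehash DoS finding above and this bytecode-validation finding are two sides of one deployment check: "is there already something at the predicted address?" must not be answered with `codehash == bytes32(0)` (a 1 wei transfer changes an untouched account's codehash to keccak256("") without adding code), and "did the right thing land there?" must be answered by pinning the init code hash and confirming code exists after create2. The following added example is not the Brahma controller code; the `DeployGuard` contract and its function names are assumptions of the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/// Added example: robust "already deployed" test plus post-deployment validation.
contract DeployGuard {
    /// keccak256("") : the codehash of an account that has been touched (e.g. received
    /// 1 wei) but holds no code. Untouched accounts report bytes32(0) instead.
    bytes32 public constant EMPTY_CODEHASH =
        0xc5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470;

    /// Init code hash this factory is willing to deploy; pinned so a caller
    /// cannot substitute arbitrary bytecode for the expected proxy.
    bytes32 public immutable expectedInitCodeHash;

    constructor(bytes32 _expectedInitCodeHash) {
        expectedInitCodeHash = _expectedInitCodeHash;
    }

    /// FRAGILE: returns false for a funded-but-empty account, so a front-runner
    /// who sends 1 wei to the predicted address makes this contract believe a
    /// controller already exists and the user can never get one.
    function isUndeployedFragile(address a) public view returns (bool) {
        return a.codehash == bytes32(0);
    }

    /// ROBUST: "no code" covers both the untouched and the touched-but-empty state.
    /// Equivalent to: a.codehash == bytes32(0) || a.codehash == EMPTY_CODEHASH.
    function isUndeployed(address a) public view returns (bool) {
        return a.code.length == 0;
    }

    function predict(bytes32 initCodeHash, bytes32 salt) public view returns (address) {
        return address(uint160(uint256(keccak256(abi.encodePacked(
            bytes1(0xff), address(this), salt, initCodeHash
        )))));
    }

    /// Deploys `initCode` at its create2 address, validating the bytecode before
    /// and the result after instead of trusting the address computation alone.
    function deploy(bytes memory initCode, bytes32 salt) external returns (address addr) {
        bytes32 initCodeHash = keccak256(initCode);
        require(initCodeHash == expectedInitCodeHash, "unexpected init code");

        addr = predict(initCodeHash, salt);
        require(isUndeployed(addr), "already deployed"); // dust at `addr` does not trip this

        address deployed;
        assembly {
            deployed := create2(0, add(initCode, 0x20), mload(initCode), salt)
        }
        require(deployed == addr, "create2 failed");          // create2 returns 0 on failure
        require(addr.code.length != 0, "no runtime code");     // init code that returns nothing leaves an empty account
    }
}
```

The `expectedInitCodeHash` pin is what turns "compute the create2 address" into "deploy exactly this proxy": with the hash fixed, an attacker can still choose the salt but not what ends up at the address. The trailing `code.length` check catches init code whose constructor returns no runtime bytecode, which create2 reports as success.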
accrueTokens will revert if any rebase tokens are used
Lines of code Vulnerability details Impact In PrimeLiquidityProvider.sol:accrueTokens we get the current balance of the passed token. If the token is any rebase token (AMPL, stETH, RMPL) and the current balance has become lower than tokenAmountAccrued[token], the function will revert. This will lead ...
Leaky faucet
Lines of code Vulnerability details Impact Leaking is bad. Proof of Concept Turn off faucet, it leaks! Tools Used Hands Recommended Mitigation Steps Teflon tape. Assessed type Other...
Upgraded Q -> 2 from #506 [1695291399781]
Judge has assessed an item in Issue 506 as 2 risk. The relevant finding follows: L‑01 The admin won't be able to burn rUSDY if the address is blacklisted/sanctioned and not on the allowlist The burn function in rUSDY.sol allows the admin to seize rUSDY if the user is not legally allowed to own it...
Relying on string comparisons to determine which parameter to update in the file() function is brittle and could lead to unintended consequences.
Lines of code Vulnerability details Impact This can allow unintentionally changing sensitive state variables Proof of Concept The vulnerability arises because: file relies on a simple string comparison of the what parameter to determine which state variable to update. A developer could accidental...
"Divide-by-Zero Risk in convertToShares Function"
Lines of code Vulnerability details Description The convertToShares function calculates the number of shares based on the provided assets and the "latestPrice" obtained from the liquidityPool. While the code may appear straightforward, there is a specific security concern related to divide-by-zer...
Wrong tick selected by GeVault.getActiveTickIndex()
Lines of code Vulnerability details During mitigation of M-03, the function getActiveTickIndex has been completely rewritten. The new logic uses the following statement to identify the active ticker that represents the Uniswap V3 liquidity pool actively traded: if baseTokenIsToken0 && amt0 == 0 |...
Incorrect initialization of rUSDY.sol
Lines of code Vulnerability details Impact rUSDY.sol contract inherits PausableUpgradeable contract but does not invoke its initializers during its own initialization. Due to this, the state of PausableUpgradeable contract remains uninitialized. File: contracts/usdy/rUSDY.sol contract rUSDY is...
Calling withdraw on a delegated amount of WETH doesn't subtract from totalWethDelegated
Lines of code Vulnerability details Impact The contract's WETH amount gets permanently bricked. Proof of Concept A user can call addToDelegate and give WETH, that other people can use for bonding with their rDPX in exchange for a certain percentage appointed by the delegatee. Delegate memory...
underflow can happen after delegator vote and block vote counting
Lines of code Vulnerability details Impact underflow can happen after delegator vote and block vote counting Proof of Concept In the current implementation, when voting, the function countVote is triggered; this function is overridden in GovernorCountingOverridable.sol weight =...
Bonding WETH discounts can drain WETH reserves of RdpxV2Core contract to zero
Lines of code Vulnerability details Impact Depending on the reserves of rDPX, bonding discounts are given both on the rDPX and WETH collateral requirements for minting dpxETH. The bonding discounts for both rDPX and WETH portions are provided as rDPX which is taken from the treasury. The issue wi...
Flashloan/Sandwich Attacks on UpdateFunding()
Lines of code Vulnerability details Impact The attacker can launch a sandwich/flashloan attack on the updateFunding function to gain most of the reward. Proof of Concept 1. The attacker observed that some reward is going to be distributed via updateFunding function. 2. The attacker borrowed...