Code423n4 · Most viewed

10190 matches found

Code423n4
• added 2023/05/04 12:00 a.m. • 16 views

Use of block.timestamp

Lines of code Vulnerability details Impact Block timestamps have a purpose for a variety of applications, such as entropy for random numbers see the Entropy Illusion for further details, locking funds for periods of time, and various state-changing conditional statements that are time-dependent...

6.8 AI score
Exploits: 0

Code423n4
• added 2023/04/13 12:00 a.m. • 16 views

Constant product formula is not maintained in deposit() and withdraw() functions.

Lines of code Vulnerability details Impact As constant product formula is not followed, during deposit/withdraw, actualReserves - both actual NFT and BaseToken are updated but virtualReserves are not updated. This could lead to incorrect price deviation for the trader, most reverting their...

6.8 AI score
Exploits: 0

Code423n4
• added 2023/03/30 12:00 a.m. • 16 views

Burning rETH at the unstake might revert

Lines of code Vulnerability details Impact Unstaking is blocked. Proof of Concept When unstaking the withdraw of each derivative is called. Reth.withdraw withdraws by calling RocketTokenRETHInterfacerethAddress.burnamount. But RocketTokenRETH.burn reverts if the ETH balance is insufficient for th...

6.8 AI score
Exploits: 0

Code423n4
• added 2023/03/20 12:00 a.m. • 16 views

Bio Protocol - tokenURI JSON injection

Lines of code Vulnerability details Impact The Bio Protocol allows users to mint Bio NFTs that represent user's bio. Once NFT is minted anyone can trigger tokenURI to retrieve JSON data with the bio and generated svg image. Example JSON content decoded from Base64: "name": "Bio 1", "description":...

6.6 AI score
Exploits: 0

Code423n4
• added 2023/03/19 12:00 a.m. • 16 views

Incorrect calculation of gasToPay due to dividing before multiplying, rounding error.

Lines of code Vulnerability details Impact In Solidity, it is an error to divide before multiplying because of lots of rounding errors that can come from that. In this case: uint256 pubdataLen; unchecked pubdataLen = message.length + 31 / 32 32 + 64; uint256 gasToPay = pubdataLen...

6.8 AI score
Exploits: 0

Code423n4
• added 2023/03/19 12:00 a.m. • 16 views

Unsafe cast

Lines of code Vulnerability details Impact In AccountCodeStorage.sol we have function getCodeHash and getCodeSize Due to an insecure cast, it is possible to get an integer overflow. Solidity version 0.8.0 provide SafeMath, but casting operations are not safe and can overflow. Proof of Concept As...

7 AI score
Exploits: 0

Code423n4
• added 2023/03/19 12:00 a.m. • 16 views

[Medium - 2] A force deployed contract may be stuck in the constructor forever

Lines of code Vulnerability details Impact The forceDeployOnAddress function in the ContractDeployer contract may be used to redeploy contracts at a specified address. Very useful in the case of precompiles or system contracts upgrades for instance. In the deployment parameters, multiple values c...

6.8 AI score
Exploits: 0

Code423n4
• added 2023/03/19 12:00 a.m. • 16 views

NonceHolder.setValueUnderNonce does not check if the nonce has been used before

Lines of code Vulnerability details Impact Already used nonces or the nonces less than the specified minimal nonce can be used by the NonceHolder.setValueUnderNonce function. It can lead to some unique conflicts and even replay attacks on some of dapps which are based on the values under nonces...

6.9 AI score
Exploits: 0

Code423n4
• added 2023/03/09 12:00 a.m. • 16 views

TicketUtils: Number draws are not uniformly distributed

Lines of code Vulnerability details The number selection algorithm in TicketUtils.reconstructTicket "draws" winning numbers using modulo arithmetic and a random seed. However, selected numbers are not uniformly distributed. Due to modulo bias and successive draw logic, higher numbers will be draw...

7 AI score
Exploits: 0

Code423n4
• added 2023/03/07 12:00 a.m. • 16 views

Index of removed Trove is not updated

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. In the function removeTroveOwner in the TroveManager contract the Trovesborrowercollateral.arrayIndex is still equal to its previous index even though it has been removed from TroveOwners and therefore...

6.9 AI score
Exploits: 0

Code423n4
• added 2023/03/07 12:00 a.m. • 16 views

pullCollateralFromBorrowerOperationsOrDefaultPool can fail on if _amount will set to zero

Lines of code Vulnerability details Impact Amount can be zero, as there is no check in place, while collect modules do attempt to send it in such a case anyway. Some ERC20 tokens do not allow zero value transfers, reverting such attempts. As a result, a combination of a token set as a collect...

7 AI score
Exploits: 0

Code423n4
• added 2023/03/05 12:00 a.m. • 16 views

implementation of the isValidSignature() function in the DAO.sol is invalid

Lines of code Vulnerability details Impact Failure to validate the returned response from the isValidSignature function can cause that invalid signatures to be assumed to be valid. Proof of Concept Currently, externally owned accounts EOAs can sign messages with their associated private keys, but...

7.1 AI score
Exploits: 0

Code423n4
• added 2023/02/07 12:00 a.m. • 16 views

Incorrect computation in MultiRewardStaking changeRewardSpeed() leads to loss of rewards

Lines of code Vulnerability details Impact The changeRewardSpeed function computes rewardsEndTimestamp incorrectly for the case block.timestamp block.timestamp ? prevEndTime : block.timestamp.safeCastTo32, rewardsPerSecond, remainder If the prevEndTime block.timestamp then it can be reduced to...

6.7 AI score
Exploits: 0

Code423n4
• added 2023/02/03 12:00 a.m. • 16 views

DoS with block gas limit in squeezeDrips

Lines of code Vulnerability details Squeezing drips requires verifying the entire history of that drip. This means iterating over an unbounded loop of the size of the history for uint256 i = 0; i dripsHistory.length; i++ DripsHistory memory drips = dripsHistoryi; bytes32 dripsHash =...

6.7 AI score
Exploits: 0

Code423n4
• added 2023/02/01 12:00 a.m. • 16 views

refundETH has no access control and be called repeatedly or Can be Front runned to steal WETH funds from Contract

Lines of code Vulnerability details Impact The function refundETH has no access control and can be called by anyone, resulting in a loss of WETH funds if address0 is entered as the recipient for removeLiquidity Proof of Concept Consider the scenario if bob calls removeliquidity which returns WETH...

6.9 AI score
Exploits: 0

Code423n4
• added 2023/02/01 12:00 a.m. • 16 views

TOKEN BALANCE OF A PARTICULAR ADDRESS IS NOT CHECKED AGAINST THE REQUESTED TRANSFER AMOUNT INSIDE TRANSFER AND TRANSFERFROM FUNCTIONS IN ERC20.sol CONTRACT

Lines of code Vulnerability details Impact transfer and transferFrom functions do not check for the available erc20 token balance of the from address and the msg.sender respectively against the requested transfer amount. Hence if the balanceOffrom and balanceOfmsg.sender in the transferFrom and...

7 AI score
Exploits: 0

Code423n4
• added 2023/01/30 12:00 a.m. • 16 views

Drips.sol: drips can be squeezed from before drips.updateTime which allows to drain ALL funds from the protocol

Lines of code Vulnerability details Impact The Drips.squeezeDrips function allows to receive drips from the currently running cycle from a single lender. Drips are configured via the Drips.setDrips function . A Drip can be configured to start at any time. The protocol caps the start time at the...

6.6 AI score
Exploits: 0

Code423n4
• added 2023/01/27 12:00 a.m. • 16 views

Incorrect totalSupply() function design

Lines of code Vulnerability details Impact In ERC1155Enumerable.solL36-L37 line, totalSupply of ERC1155 is calculated packages/v2-token/src/base/ERC1155Enumerable.sol: 34 35: /// @inheritdoc IERC1155Enumerable 36: function totalSupply public view override returns uint256 37: return...

7 AI score
Exploits: 0

Code423n4
• added 2023/01/27 12:00 a.m. • 16 views

Malicious borrower can create pool imbalance by tricking the V2 pool to send lesser number of long tokens in exchange for short tokens

Lines of code Vulnerability details Impact Timeswap V2 Pool works on constant product AMM where total long tokens & short tokens follow the equation total long total short = L. Any increase in long tokens has to be accompanied with a proportionate drop in short tokens and viceversa to ensure that...

7.2 AI score
Exploits: 0

Code423n4
• added 2023/01/27 12:00 a.m. • 16 views

TimeswapV2LiquidityToken should not use totalSupply()+1 as tokenId

Lines of code Vulnerability details Impact Assuming ERC1155Enumerable is acting normally, there is a Accounting Issue about TimeswapV2LiquidityToken and TimeswapV2Token's tokenId. Different liquidities can have the same tokenId, leading to serious balance manipulation. I'm submitting this issue a...

6.8 AI score
Exploits: 0

Code423n4
• added 2023/01/19 12:00 a.m. • 16 views

FIRST ERC4626 DEPOSIT CAN BE EXPLOITED ON SHARE CALCULATION

Lines of code Vulnerability details Impact This is a common attack vector involving shares based liquidity pool contracts. An early user can manipulate the price per share and profit from late users' deposits because of the precision loss caused by the rather large value of price per share. Note:...

6.7 AI score
Exploits: 0

Code423n4
• added 2023/01/17 12:00 a.m. • 16 views

Liquidation bots are needed to stabilize the system.

Lines of code Vulnerability details Impact Allowing liquidation bots to arbitrage would stabilize the system. The majority of liquidations are done by liquidation bots. For liquidation bots to be viable there has to exist a secondary market where the assets can be instantly sold. This is especial...

6.7 AI score
Exploits: 0

Code423n4
• added 2023/01/17 12:00 a.m. • 16 views

Reuse of signature to get KYCd after it has been removed

Lines of code Vulnerability details Impact There is no time limit on the validity of KYC digests and users with a removed KYC are not saved. If an issuer of such a digest is either compromised or if they by mistake issue a digest with a deadline far into the future a user could reuse the same...

6.5 AI score
Exploits: 0

Code423n4
• added 2023/01/03 12:00 a.m. • 16 views

The owner minipool count is not decreased in the case of a staking error

Lines of code Vulnerability details Impact When a node operator creates a new pool or the recreateMinipool function is called the minipool count of the owner is increased by 1 and when the staking ends the multisig calls the recordStakingEnd function which will decrease the owner minipool count b...

6.9 AI score
Exploits: 0

Code423n4
• added 2022/12/19 12:00 a.m. • 16 views

rejectProposal/rejectActive/cancel did not update pendingBalances

Lines of code Vulnerability details Impact In the OptimisticListingSeaport contract, pendingBalances represents the number of Rae tokens sent to the contract by the user when creating the proposal, which can be withdrawn in the withdrawCollateral function. function withdrawCollateraladdress vault...

6.7 AI score
Exploits: 0

Code423n4
• added 2022/12/19 12:00 a.m. • 16 views

ERC20 TOKENS WITH DIFFERENT DECIMALS THAN 18 MAY BREAK THE LOGIC AND PROVIDE UNEXPECTED RESULTS

Lines of code Vulnerability details Impact Note: Though it is mentioned that Rebase/fee-on-transfer tokens are not expected, however there exist other ERC20 tokens having different decimals than 18 Contracts LpToken and Pair performs calculations by using hardcoded value of decimals 18 1e18 for...

6.7 AI score
Exploits: 0

Code423n4
• added 2022/12/16 12:00 a.m. • 16 views

Token decimals may be above 18 leading to underflow issues

Lines of code Vulnerability details Impact In both StableVault and Trading, there is an assumption that token decimal amounts are =18. However this can break if token decimals are 18, resulting in underflow which can lead to unpredictable behaviors, and extreme amounts during deposits and...

6.8 AI score
Exploits: 0

Code423n4
• added 2022/12/16 12:00 a.m. • 16 views

Error when handling deposit in the addToPosition function

Lines of code Vulnerability details Impact In the function addToPosition from the Trading contract the amount of open fees are handled using the handleOpenFees function but when calling the handleDeposit function the wrong margin is passed, in fact the handleDeposit function gets addMargin - fee...

6.9 AI score
Exploits: 0

Code423n4
• added 2022/12/12 12:00 a.m. • 16 views

Wrong variable is used for the first parameter of depositHook.hook()

Lines of code Vulnerability details Impact Recipient is treated wrongly as sender. Proof of Concept As written here See DepositHook.solL43-L52, the first accepted parameter should be the sender. However, recipient See Collateral.solL53 is passed in here. Tools Used Manual Recommended Mitigation...

6.9 AI score
Exploits: 0

Code423n4
• added 2022/12/12 12:00 a.m. • 16 views

[NAZ-M2] Usage of send() Can Result In Revert

Lines of code Vulnerability details Impact Several functions are sendusing is used by the across several functions to transfer ETH/WETH. send uses a fixed amount of gas, which was used to prevent reentrancy. However this limit your protocol to interact with others contracts that need more than th...

6.7 AI score
Exploits: 0

Code423n4
• added 2022/12/09 12:00 a.m. • 16 views

[NAZ-H2] Update Initializer Modifier To Prevent Reentrancy During Initialization

Lines of code Vulnerability details Impact Currently the project uses both : "@openzeppelin/contracts": "4.2.0", "@openzeppelin/contracts-upgradeable": "4.2.0". This dependency has a known high severity vulnerability Deserialization of Untrusted Data Proof of Concept Because of the Deserializatio...

6.7 AI score
Exploits: 0

Code423n4
• added 2022/12/02 12:00 a.m. • 16 views

Reentrancy in executeCalls()

Lines of code Vulnerability details Impact The contract first checks that the message sender is authorized and then marks the provided nonce as executed before calling the executeCalls function in CallLib. However, if CallLib.executeCalls calls back into this contract, the executeCalls function...

7.1 AI score
Exploits: 0

Code423n4
• added 2022/11/18 12:00 a.m. • 16 views

QA Report

See the markdown file with the details of this report here. --- The text was updated successfully, but these errors were encountered: All reactions...

7 AI score
Exploits: 0

Code423n4
• added 2022/11/13 12:00 a.m. • 16 views

LooksRareProxy is missing the fee mechanism, protocol may loss the revenue from fee

Lines of code Vulnerability details Impact LooksRareProxy is missing the fee mechanism, the protocol may lose revenue from the fee. Even if you intend to have a free fee, the fee mechanism should be implemented in case you need to enforce the fee in the future. Proof of Concept function execute...

6.8 AI score
Exploits: 0

Code423n4
• added 2022/11/13 12:00 a.m. • 16 views

Unsafe ERC20 operations due to lack of contract length check

Lines of code Vulnerability details Impact Functions executeERC20DirectTransfer and executeERC20TransferFrom replicates solmate libraries methods. The problem with this is that these functions does not check existence of code at the token address. If executeERC20DirectTransferand...

7.2 AI score
Exploits: 0

Code423n4
• added 2022/11/13 12:00 a.m. • 16 views

Theft of ETH that was not used for successful execution of orders in non-atomic execution

Lines of code Vulnerability details Description There is an execute function in LooksRareAggregator contract. It refunds any ETH that was unused for example that left due to the unsuccessful execution of an order at the end of its execution flow: returnETHIfAnyoriginator; returnETHIfAny function ...

7.4 AI score
Exploits: 0

Code423n4
• added 2022/11/08 12:00 a.m. • 16 views

Casting to uint128 when value can exceed uint128.max

Lines of code Vulnerability details Impact In CommonTokenMath.tokensAvailableAtTime the result is cast to uint128 on line 62. Given that baseAmount close or at its uint128.max, and cliffPercent is close or at its max of 1e18 dictated on line 72 in SizeSealed.sol, cliffAmount can reach uint128.m...

6.8 AI score
Exploits: 0

Code423n4
• added 2022/11/07 12:00 a.m. • 16 views

Hacker can front-run the L2 ERC20 token deployment.

Lines of code Vulnerability details Impact hacker can front-run the L2 ERC20 token deployment to block L2 ERC20 token finalizeDeposit Proof of Concept I intend to prove this piece of code is front-runnable by hacker: /// @notice Finalize the deposit and mint funds /// @param l1Sender The account...

7 AI score
Exploits: 0

Code423n4
• added 2022/10/25 12:00 a.m. • 16 views

LayerZeroModule miscalculates gas, risking loss of assets

Lines of code Vulnerability details Description Holograph gets its cross chain messaging primitives through Layer Zero. To get pricing estimate, it uses the DstConfig price struct exposed in LZ's RelayerV2 The issue is that the important baseGas and gasPerByte configuration parameters, which are...

6.8 AI score
Exploits: 0

Code423n4
• added 2022/10/24 12:00 a.m. • 16 views

Duplicated / Split H -> H from 461 [1666620942709]

Judge has assessed an item in Issue 461 as High risk. The relevant finding follows: Lines of code Vulnerability details Impact In VoteEscrowDelegation contract, the writeCheckpoint internal function has major logic errors which will make the delegate external function to always revert. Proof of...

6.9 AI score
Exploits: 0

Code423n4
• added 2022/10/23 12:00 a.m. • 16 views

divide-before-multiply in JBTiered721DelegateStore

Lines of code Vulnerability details Impact Performing multiplication before division can sometimes avoid loss of precision. The calculation of return numberReservedTokensMintable - reserveTokensMinted; results in granting a slightly higher value on each call. Proof of Concept Slither Command...

7 AI score
Exploits: 0

Code423n4
• added 2022/10/10 12:00 a.m. • 16 views

blockRange should have a minimal value

Lines of code Vulnerability details Impact The blockRange doesn't have any minimal value so owner can call the setBlockRange function to change the blockRange value to a lower value which will automatically block the matching of some of the orders that have expirationTime == 0. Proof of Concept Th...

6.9 AI score
Exploits: 0

Code423n4
• added 2022/10/10 12:00 a.m. • 16 views

BlurExchange#_validateOracleAuthorization does not work as intended for bulk orders

Lines of code Vulnerability details Impact Bulk orders are not correctly signed and don't work as intended Proof of Concept BlurExchange.solL386-L392 else if signatureVersion == SignatureVersion.Bulk / If the signature was a bulk listing the merkle path musted be unpacked before the oracle...

6.9 AI score
Exploits: 0

Code423n4
• added 2022/10/01 12:00 a.m. • 16 views

The protocol doesn't support fee-on transfer tokens

Lines of code Vulnerability details Impact There are ERC20 tokens that may make certain customizations to their ERC20 contracts. One type of these tokens is deflationary tokens that charge a certain fee for every transfer functions. So if the implementing contract doesn't takes this fee into...

7 AI score
Exploits: 0

Code423n4
• added 2022/10/01 12:00 a.m. • 16 views

AlgebraPoolDeployer.sol#L50-L51 : After the pool deployment, the memory of "parameters's" members are not cleaned.

Lines of code Vulnerability details Impact As the memory of previous members are not cleared, this can cause unexpected result when deploying subsequent pools. Proof of Concept. parameters = ParametersdataStorage: dataStorage, factory: factory, token0: token0, token1: token1; pool = addressnew...

7 AI score
Exploits: 0

Code423n4
• added 2022/09/15 12:00 a.m. • 16 views

ERC721Votes: Token owners can double voting power through self delegation

Lines of code Vulnerability details The owner of one or many ERC721Votes tokens can double their voting power once and only once by delegating to their own address as their first delegation. Scenario This exploit relies on the initial default value of the delegation mapping in ERC721Votes, which ...

7 AI score
Exploits: 0

Code423n4
• added 2022/09/12 12:00 a.m. • 16 views

Potential DoS in _claim()

Lines of code Vulnerability details Impact An attacker could call claim in an infinite loop to conduct DoS attack. Proof of Concept Here is the implementation of claim: // User provides the the cToken & the amount they should get, and it is verified against the merkle root for that cToken ///...

6.9 AI score
Exploits: 0

Code423n4
• added 2022/09/01 12:00 a.m. • 16 views

PRICE's getCurrentPrice() can return zero price

Lines of code Vulnerability details Currently no price validity check is performed in getCurrentPrice. This way zero ohmEthPriceFeed.latestRoundData produced prices will yield zero getCurrentPrice which will be passed over to the logic. Also, negative OHM price or zero / negative reserve...

6.6 AI score
Exploits: 0

Code423n4
• added 2022/08/17 12:00 a.m. • 16 views

Users could borrow all the liquidity in the FraxlendPair

Lines of code Vulnerability details Impact Any user can borrow any amount of Asset without transfer any Collateral Token to the Pair Proof of Concept By invoking borrowAsset and passe collateralAmount = 0 you will be able to borrow all the liquidity in the Pair As we can see they just check for i...

6.8 AI score
Exploits: 0

Code423n4
• added 2022/08/17 12:00 a.m. • 16 views

Pausing can cause serious bad debt since debt can't be liquidated.

Lines of code Vulnerability details Impact Pausing can cause serious bad debt since debt can't be liquidated. For example, if 1 UST is used as collateral to borrow 0.7 USDT 30% safety. Then UST crashed and chainlink stopped working. You left no choice but to pause the contract. After that UST...

7 AI score
Exploits: 0

Total number of security vulnerabilities: 5000