Deployer will deploy proxies that cannot be upgraded
Lines of code Vulnerability details Impact In contrast to the Test File, in which you're deploying the proxies directly, the setup from Deployer will keep the Proxy Admin at a zero value, meaning nobody will be able to upgrade them after the deployment. See POC below to show that the admin slot i...
IRREVERSIBLE SHUTDOWN FUNCTION
Lines of code Vulnerability details Impact The abstract contract VaultImplementation is inherited by Vault.sol and PublicVault.sol. Its shutdown can be called by the strategist to make loadVISlot.isShutdown = true. This will make the modifier whenNotPaused revert, rendering commitToLien and...
JumpRateModelV2 may return wrong values
Lines of code Vulnerability details JumpRateModelV2 may return wrong values Impact Solidity integer division might truncate. As a result, performing multiplication before division can sometimes avoid loss of precision. Vulnerability Details In general, this is a problem due to precision mostly if...
Admin should be able to refund or redeem the sanctioned users
Lines of code Vulnerability details Impact Sanctioned users' funds are locked Proof of Concept It is understood that the sanctioned users cannot mint nor redeem because the functions requestMint and requestRedemption are protected by the modifier checkKYC. And it is also understood that the...
Signature Replay no nonce
Lines of code Vulnerability details Impact There is a signature replay vulnerability. That means that the signature can be reused in the same contract by anyone calling. The vulnerability lies in the fact that there is no nonce specified for every caller. This means that you can take a...
Griefing attacks on handleOps and multiSend logic
Lines of code Vulnerability details Description The handleOps function executes an array of UserOperation. If at least one user operation fails, the whole transaction will revert. That means an error in one user op will fully revert the other executed ops. The multiSend function reverts if at...
TokenggAVAX share price manipulation
Lines of code Vulnerability details Impact Reporting this issue as medium severity as a leak of value. Solmate's ERC4626 convertToShares calculates shares as assets * totalSupply / totalAssets. It is possible to exploit this function by depositing 1 wei of asset in exchange for 1 share (totalSupply = 1...
Underlying assets stealing in token via share price manipulation
Lines of code Vulnerability details Impact Asset can be stolen from depositors in the vault by manipulating the price of a share. Proof of Concept ERC4626 vaults are subject to a share price manipulation attack that allows an attacker to steal underlying tokens from other depositors; this is a kno...
[NAZ-M2] First ERC4626Upgradeable Deposit Exploit Can Break Share Calculation
Lines of code Vulnerability details Impact ERC4626Upgradeable is an upgradeable version of Solmate's ERC4626 Token. Solmate's convertToShares function follows the formula: assetDepositAmount * totalShareSupply / assetBalanceBeforeDeposit. The share price always returns 1:1 with the asset token. If...
Upgraded Q -> M from #32 [1671721748112]
Judge has assessed an item in Issue 32 as M risk. The relevant finding follows: 2. StableVault deposits are limited to 18 decimals During deposit and withdraw to/from StableVault contract, it mints/burns the same amount of stable tokens with respect to decimals. The current implementation support...
Missing approval check
Lines of code Vulnerability details Proof of Concept The lpToken.mint function is called with the msg.sender as the recipient, but there is no check to ensure that the sender has approved the contract to transfer the fractional tokens on their behalf. If the lpToken.mint function is missing a che...
sellQuote might lead to unexpected reverts when returning zero
Lines of code Vulnerability details Impact The implementation of sellQuote follows the logic of getAmountOut from the Uniswap V2 Library. However, it doesn't add +1 as the original implementation does, which could make the function return zero and lead to reverts. Proof of Concept Tools Used Manual review...
Funds will be lost if the contract handling the refunds is unable to handle them at the moment
Lines of code Vulnerability details The return values of low-level calls are not checked Impact If the fund transfer results in a revert on the recipient's end, e.g. due to being paused, the code will continue on as if it had been successful, and the Ether will be lost. Proof of Concept Return...
Malicious users can block listing
Lines of code Vulnerability details Impact In the OptimisticListingSeaport contract, any user with the Rae token corresponding to this Vault can call the propose function to create a listing proposal, which can be used for listing when the proposal exists over PROPOSALPERIOD. function listaddress...
A malicious early user/attacker can manipulate the lpToken's pricePerShare to take an unfair share of future users' deposits
Lines of code Vulnerability details Impact A well known attack vector for almost all shares based liquidity pool contracts, where an early user can manipulate the price per share and profit from late users' deposits because of the precision loss caused by the rather large value of price per share...
Not enough margin pulled or burned from user when adding to a position
Lines of code Vulnerability details Impact When adding to a position, the amount of margin pulled from the user is not as much as it should be, which leaks value from the protocol and lowers the collateralization ratio of tigAsset. Proof of Concept In Trading.addToPosition the handleDeposit...
Irrelevant error message from PrePOMarket.redeem() worries users
Lines of code Vulnerability details Impact Users may receive error messages fee = 0 whenever making a redemption from the PrePOMarket contract if the redemption amount is not enough. The error message is irrelevant to users. It's related to the protocol processing the redemption. If a user receives...
Pool with any fee tier can be created
Lines of code Vulnerability details Impact Pool with any fee tier can be created Proof of Concept There is a section in this medium: In Fee Structure: Maverick AMM supports initializing pools with arbitrary fee rates, but it is expected that LPs will choose from one of the following “standard” fe...
User may be blocked from market withdrawal for extended period of time
Lines of code Vulnerability details Impact WithdrawalHook::lastUserPeriodReset is global for all users, which means that each time that lastUserPeriodReset + userPeriodLength it is able to block user from withdrawal', async = let previousResetTimestamp = await getLastTimestampethers.provider //...
A whale user is able to cause freeze of funds of other users by bypassing withdraw limit
Lines of code Vulnerability details Description In Collateral.sol, users may withdraw underlying tokens using withdraw. Importantly, the withdrawal must be approved by withdrawHook if set: function withdrawuint256 amount external override nonReentrant uint256 baseTokenAmount = amount...
Re-entrancy issue when executing safeTransfer in sweepToken function
Lines of code Vulnerability details Impact In the sweepToken function, we don't have a re-entrancy check, which will introduce token loss by calling sweepToken multiple times during one request. Proof of Concept We don't have any check for the token and the token itself may call back into the...
Malicious feeReceiver or saleReceiver can steal the user's refund ETH by calling the buy function multiple times in LPDA
Lines of code Vulnerability details Impact In the LPDA contract, the fee is transferred to feeReceiver and the totalSale to saleReceiver when newId == temp.finalId, meaning that the amount of tokens that were minted has been reached. However, the call to the internal end function only emits an eve...
Use Of block.timestamp Can Result In Attacker Manipulating His/Her Rewards In Their Favour
Lines of code Vulnerability details Impact If an attacker manipulates the block.timestamp in their favor then they can get higher rewards, as uint256 rewards = u.rewards + u.lastBalance * (block.timestamp - u.lastUpdate). In this equation, let's say the attacker called this just now, and on the next...
1) THERE IS CONFLICT IN REQUIRE STATEMENT. IN finalizeDeposit FUNCTION CHECKS require (msg.sender == l1Bridge, "mq"). IN bridgeMint FUNCTION IMPLEMENTATIONS onlyBridge Modifier CHECKS require(msg.sender == l2Bridge).
Lines of code Vulnerability details 1. Impact Let's assume we are calling bridgeMint from the finalizeDeposit function; the msg.sender is l1Bridge. If the msg.sender is not l1Bridge, finalizeDeposit can't run, but as per bridgeMint the msg.sender should be l2Bridge. So it will cause the conflict. The...
Bidder can abuse the bidIndices[] in finalize()
Lines of code Vulnerability details Impact finalize could be called by anyone, and the input array bidIndices is not sanity checked. Some malicious bidder can trick the bidIndices to always get the reserveQuotePerBase price. The seller would incur some loss. The other bidders are grieved, wasting...
reentrancyGuardInitializer modifier used on constructor and Initialize functions
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. In L1EthBridge.sol there are two places where the reentrancyGuardInitializer modifier is used. It's found on both the constructor function and also on the initialize function. This is a problem because...
Owner can bypass reward token protection in recoverERC20 to instantly steal all tokens in contract
Lines of code Vulnerability details Description WardenPledge contract has a sweeping function recoverERC20 to handle mistakenly sent ERC20 tokens: function recoverERC20(address token) external onlyOwner returns(bool) { if(minAmountRewardToken[token] != 0) revert Errors.CannotRecoverToken(); uint256 amount =...
Oracle Price Calculation will Return Wrong Price for Certain Tokens
Lines of code Vulnerability details Impact The viewPrice and getPrice functions of Oracle.sol have a wrong price calculation implementation and so will return wrong prices for certain tokens. They only work well for tokens that have 18 decimals. This is because of the hard-coded "36" in these functions line...
Admin can rug
Lines of code Vulnerability details Impact Admin can rug all of the contract's funds Proof of Concept The function recoverERC20 is only callable by the owner and its goal is: @notice Recovers ERC20 tokens sent by mistake to the contract. The call fails if minAmountRewardToken[token] != 0, which is...
If a market with a collateral that has feedDecimals + tokenDecimals > 36 is added it won’t be functional
Lines of code Vulnerability details Proof of Concept Chainlink price feeds usually have 18 decimals, but this is not guaranteed. Also, tokens usually have 18 decimals or less, but this is also not the case for 100% of widely used tokens: YAM-v2 has 24. So the normal use case is when both the feed an...
LayerZero Channel can be blocked by an attacker
Lines of code Vulnerability details Impact According to the LayerZero docs, the default behavior is that when a transaction on the destination application fails, the channel between the source and destination is blocked. Before any new transactions can be executed, the failed transaction has to b...
Incorrect output amount calculation for Trader Joe V1 pools
Lines of code Vulnerability details Impact Output amount is calculated incorrectly for a Trader Joe V1 pool when swapping tokens across multiple pools and some of the pools in the chain are V1 ones. Calculated amounts will always be smaller than expected ones, which will always affect chained swa...
No withdraw mechanism for eth sent to GraphProxy contract
Lines of code Vulnerability details Impact The GraphProxy contract implements receive and fallback functions to receive funds. However, there is no method associated with a user to withdraw his funds which might be sent accidentally to the proxy contract, thus leading to most of the eth locked in...
Incorrect implementation of the MerkleVerifier.sol library
Lines of code Vulnerability details Impact The MerkleVerifier results in an incorrect verification of the Merkle Tree. Description Using a simple test case from and deploying the contracts with MerkleVerifier.sol, we can see that the results differ when attempting to verify the Merkle Tree. Test...
computeAddress does not follow the standard procedure to compute the address. The contract can not create pool for some pairs due to hash collision
Lines of code Vulnerability details Impact Poor source of randomness; an attacker can easily decipher the computed address. The contract can be easily tricked. This can cause a hash collision, due to which, for some pairs, the contract cannot create a pool. Proof of Concept AlgebraFactory.sol#L123 : T...
Gobbler Merkle tree vulnerable to second preimage attack
Lines of code Vulnerability details Impact The Merkle tree is vulnerable to a second preimage attack due to the fact that there is no prefix to distinguish between leaves and intermediate nodes. Proof of Concept There are no prefixes added to the values in MerkleProofLib and none included in what's...
The user Can't swap their frxETH to ETH
Lines of code Vulnerability details Impact I'm so confused; I didn't find any logic for withdrawing my ETH funds by transferring my frxETH. Recommended Mitigation Steps Create logic for withdrawal swap
Rebasing tokens can ruin the claiming
Lines of code Vulnerability details Rebasing tokens have the ability to use all the funds before all the recipients fulfilled their vestings. This can happen as the system records balance in nominal terms, while it can be rebased thereafter, which will create a discrepancy with the system's accountin...
Revoking a claim blocks a recipient from withdrawing any unclaimed but due amount.
Lines of code Vulnerability details Impact Whenever an admin revokes a claim and the recipient has any unclaimed but vested balance, the unclaimed part is also revoked. Take for instance a total amount of 365 tokens vested over 1 year with a release interval of 1 day. If the recipient at day 30...
Griefing attack on the Vaults is possible, withdrawing the winning side stakes
Lines of code Vulnerability details Anyone can withdraw to receiver once the receiver is isApprovedForAll(owner, receiver). The funds will be sent to receiver, but it will happen whenever an arbitrary msg.sender wants. The only precondition is the presence of any approvals. This can be easily used ...
Lack of check if token is a contract
Lines of code Vulnerability details Impact Solmate won't check if the token is a contract or not. It's possible for an attacker to create a vault for a non-existing token with a deterministic address. The problem occurs if the token gets deployed later, and another user tries to use this toke...
PegOracle reported fraction price is constructed to favor the depeg
Lines of code Vulnerability details A depeg event is defined as the linked asset price being below the strike price in terms of the underlying asset. However, the PegOracle, aimed to report the fraction of the pegged asset to the underlying, always reports a number below 1, no matter how prices are...
Unsafe ERC721 operations
Lines of code Vulnerability details Impact It is recommended to use safeTransfer and safeTransferFrom when transferring ERC721 and ERC20 tokens Tools Used Manual audit Recommended Mitigation Steps Use the safeTransfer and safeTransferFrom functions to transfer ERC721 and ERC20 tokens
burnFeiHeld() in SimpleFeiDaiPSM burns the FEI balance of the contract, which includes FEI received because of redeems and FEI transferred or minted for the contract address. The contract should only burn FEI received in redeems. This functionality is a backdoor to transfer and burn FEI tokens by this contract.
Lines of code Vulnerability details Impact It's possible to burn FEI tokens without receiving DAI tokens: one can transfer FEI tokens to the SimpleFeiDaiPSM contract address and then call burnFeiHeld to burn the FEI tokens. This is a backdoor to burn FEI tokens. The contract should only burn FEI tokens...
transferFrom() failure in _safeTransferFrom() could drain the pair
Lines of code Vulnerability details Impact For some tokens, tokenCon.transferFrom could fail and return false but not revert. Some malicious user can abuse it in the addLiquidity/addLiquidityCANTO functions to perform a failing transferFrom but still get the liquidity, and later remove liquidity to dra...
NounsDAOLogicV2.sol funds will be instantaneously drained if the private keys become compromised
Lines of code Vulnerability details Impact If the admin gets compromised, all the ether in NounsDAOLogicV2.sol will be drained. function withdraw() external { if (msg.sender != admin) revert AdminOnly(); uint256 amount = address(this).balance; (bool sent, ) = msg.sender.call{value: amount}(''); emit...
Use of transfer() instead of call() to send eth
Lines of code Vulnerability details Use of transfer instead of call to send eth Impact OZ SafeERC20.safeTransfer relies on transfer at the end, but with a check of the return value. The same happens with OZ SafeERC20.safeTransferFrom and transferFrom. However, the use of transfer might render ETH...
Calling borrowAsset function with 0 _collateralAmount can borrow asset tokens without providing any collateral tokens
Lines of code Vulnerability details Impact The borrowAsset function can be called with the _collateralAmount input being set to 0. This will successfully bypass the step for providing any collateral tokens while directly borrowing the asset tokens. When a borrower borrows assets without providing...
Return values not being checked
Lines of code Vulnerability details Return values not being checked Impact Return values not being checked may lead to unexpected behaviors with functions. No events/errors are emitted if that fails, so functions would be called even if not working as expected, as for example...
If maxLTV == 0 case is used for allowing unlimited borrowing without any collateral, borrower whitelist must be enforced.
Lines of code Vulnerability details Impact If the maxLTV == 0 case is used for allowing unlimited borrowing without any collateral, a borrower whitelist must be enforced since it is a kind of undercollateralization. Proof of Concept function isSolvent(address borrower, uint256 exchangeRate) internal view return...