ERC4626Cloned.previewMint() causes malicious users to gain exclusive access to vault
Lines of code Vulnerability details Impact Exclusive access to the vault; other users will not be able to mint. Proof of Concept In the previewMint method, if the first user mints, no matter how many shares the user passes in, only 10e18 assets are needed: function previewMint(uint256 shares) public view...
IRREVERSIBLE SHUTDOWN FUNCTION
Lines of code Vulnerability details Impact The abstract contract VaultImplementation is inherited by Vault.sol and PublicVault.sol. Its shutdown can be called by the strategist to make loadVISlot.isShutdown = true. This will make the modifier whenNotPaused revert, rendering commitToLien and...
LienToken.transferFrom There is a possibility of malicious attack
Lines of code Vulnerability details Impact Corrupts multiple key properties of a public vault, causing the vault not to function properly. Proof of Concept When LienToken.makePayment/buyoutLien/payDebtViaClearingHouse corresponds to a PublicVault, it makes multiple changes to the vault, such as:...
Centralization risk
Lines of code Vulnerability details Impact MANAGERADMIN can set a very high value for minimumRedeemAmount, which will ensure that all attempts to redeem simply fail. Proof of Concept 1. User A wants to redeem amount 100000 using the requestRedemption function 2. Before User A can do so,...
Unsafe Storage Layout
Lines of code Vulnerability details Potentially lead to storage collision and cause the account to be re-initialized or have ownership transferred. Use upgradeable DiamondStorage for all inherited contracts.
Incorrect message signer check in ecrecover() and no validation for oracleSigner, which would cause all unsigned messages to be considered valid
Lines of code Vulnerability details Impact The address oracleSigner is used to verify signed messages by comparing the return value of ecrecover against oracleSigner. But the return value of ecrecover can be 0x0, and the code does not check that the return value is not 0x0. If the owner sets oracleSigner to 0x0 ...
Reentrancy issue #2: Functions remove() and sell() are vulnerable to a reentrancy attack if baseToken implements a call to the receiver in _beforeTokenTransfer().
Lines of code Vulnerability details It is important to be aware that I have reported two reentrancy bugs. Each of these have different ways of being activated and can be found in separate functions. Impact All calculations done in Caviar Pair are using token balance directly. For example, when...
Missing approval check
Lines of code Vulnerability details Proof of Concept The lpToken.mint function is called with msg.sender as the recipient, but there is no check to ensure that the sender has approved the contract to transfer the fractional tokens on their behalf. If the lpToken.mint function is missing a che...
Attacker can delay proposal rejection
Lines of code Vulnerability details Impact In OptimisticListingSeaport.rejectProposal, it reverts if proposedListing.collateral if proposedListing.collateral proposedListing.collateral -= amount; Proof of Concept 1. Attacker proposes 10000 collateral at a very low price 2. Bob tries to reject it b...
[M-0] Unhandled return values of transfer
Lines of code Vulnerability details c4udit Report Issues found M-0 Unhandled return values of transfer Impact Some implementations of transfer could return 'false' on failure instead of reverting. Findings: src\Pair.sol::85 = transferFrom(msg.sender, address(this), fractionalTokenAmount);...
GroupBuy may purchase NFT not in the allowed list
Lines of code Vulnerability details Impact When purchaseProof.length == 0, GroupBuy.purchase compares the tokenId with the merkleRoot. This allows any tokenId that matches the merkleRoot to be purchased, even if it was not included in the allow list during setup. if (purchaseProof.length == 0) //...
Generalized frontrunning risk for claiming winnings due to request.currentChosenTokenId being public
Lines of code Vulnerability details Impact The function VRFNFTRandomDraw.sol:fulfillRandomWords called by Chainlink receives an array of random words, and uses it to choose a random offset by which the winning tokenId is selected. The chosen tokenId is stored on the public request variable in the...
Wrong value of MONTH_IN_SECONDS could make it impossible to recover NFT in 7 years
Lines of code Vulnerability details Impact Constant MONTH_IN_SECONDS has an incorrect value. Instead of 1 month, it has the value of 7 months. // @dev about 30 days in a month uint256 immutable MONTH_IN_SECONDS = 3600 * 24 * 7 * 30; // @audit wrong value, could allow bufferTime and recoverTimelock to become too...
Not enough margin pulled or burned from user when adding to a position
Lines of code Vulnerability details Impact When adding to a position, the amount of margin pulled from the user is not as much as it should be, which leaks value from the protocol and lowers the collateralization ratio of tigAsset. Proof of Concept In Trading.addToPosition the handleDeposit...
Ignored return value from "IERC20.transferFrom()"
Lines of code Vulnerability details Impact The return value of IERC20.transferFrom in "StableVault" is not checked. A malicious actor could first deposit a number of tokens without actually having them and then subsequently withdraw that amount of tokens from the "StableVault". Proof of Concept...
Pool with any fee tier can be created
Lines of code Vulnerability details Impact Pool with any fee tier can be created Proof of Concept There is a section in this medium: In Fee Structure: Maverick AMM supports initializing pools with arbitrary fee rates, but it is expected that LPs will choose from one of the following “standard” fe...
Irrelevant error message from PrePOMarket.redeem() worries users
Lines of code Vulnerability details Impact Users may receive the error message fee = 0 whenever making a redemption from the PrePOMarket contract if the redemption amount is not enough. The error message is irrelevant to users; it relates to the protocol's processing of the redemption. If a user receives...
POSSIBLE FRONTRUNNING ATTACK ON MINTING LONG/SHORT POSITIONS
Lines of code Vulnerability details Impact The createMarket function in the PrePOMarketFactory.sol contract creates a new PrePOMarket contract. A salt is used for creating the contract, which is computed from the createPairTokens function. The variables passed to this function are visible to anyone; they are input...
THE FUNCTION LOGIC OF _REMOVEFEEDER() IS FLAWED
Lines of code Vulnerability details Impact When the admin calls removeFeeder, it will internally call _removeFeeder, which removes the feeder from feeders before getting its UPDATEROLE revoked. In the midst of doing this, the protocol forgets to update the index of feederPositionMap belonging ...
Funds reserved for refunding users can be stolen in LPDA sale
Lines of code Vulnerability details Impact The LPDA sale works like a Dutch auction, where early buyers get a refund after the sale has ended. In addition, in the buy function, when the last NFT is sold, it automatically ends the LPDA sale and sends payments to the sale receiver and the fee to the fee receiver. And the...
Possible negative price on LPDA causes sale and refund mechanism to not work
Lines of code Vulnerability details Impact A possible negative price on LPDA causes the sale and refund mechanism to not work. Proof of Concept function getPrice() public view returns (uint256) { Sale memory temp = sale; (uint256 start, uint256 end) = (temp.startTime, temp.endTime); if (block.timestamp...
[ZZ-001] PARENT_CANNOT_CONTROL and CANNOT_CREATE_SUBDOMAIN fuses can be bypassed
Severity: High Status: Has been reported to and confirmed by Jeff, ENS team Report Time: 11/28/2022 12:31 AM EST Description The fuse constraints can be violated by a malicious owner of the parent node, i.e., the hacker. There are two specific consequences the hacker can cause. Suppose the subnode...
Upgraded Q -> M from #334 [1668467418003]
Judge has assessed an item in Issue 334 as M risk. The relevant finding follows: 2. Rug vectors by the owner A malicious owner can call setLBPairImplementation, setFeeRecipient, setFlashLoanFee, setFeesParameters and forceDecay to advantage himself at the expense of the users...
LooksRareProxy is missing the fee mechanism; protocol may lose revenue from fees
Lines of code Vulnerability details Impact LooksRareProxy is missing the fee mechanism, so the protocol may lose revenue from the fee. Even if the fee is intended to be zero, the fee mechanism should be implemented in case you need to enforce a fee in the future. Proof of Concept function execute...
_returnETHIfAny() can silently fail, leading to an originator not getting the expected refund
Lines of code Vulnerability details The execute function refunds the unused ETH back to the originator through returnETHIfAny. This internal function uses a low-level call to transfer the ETH. The issue is that the return value of the call is not checked. As per the Solidity documentation...
Bidder can abuse the bidIndices[] in finalize()
Lines of code Vulnerability details Impact finalize can be called by anyone, and the input array bidIndices is not sanity checked. A malicious bidder can manipulate bidIndices to always get the reserveQuotePerBase price. The seller would incur a loss. The other bidders are griefed, wasting...
Solmate's SafeTransferLib won't check if token has code, which can affect transfers in SizeSealed
Lines of code Vulnerability details Impact Not checking for token existence is a known issue for Solmate. This can cause unexpected contract functionality for transfers implemented in SizeSealed. Note that this might not be a problem for baseToken due to the check implemented in L103. However, thi...
Hacker can front-run the L2 ERC20 token deployment.
Lines of code Vulnerability details Impact A hacker can front-run the L2 ERC20 token deployment to block the L2 ERC20 token's finalizeDeposit. Proof of Concept I intend to prove this piece of code is front-runnable by a hacker: /// @notice Finalize the deposit and mint funds /// @param l1Sender The account...
reentrancyGuardInitializer modifier used on constructor and Initialize functions
Lines of code Vulnerability details Impact In L1EthBridge.sol there are two places where the reentrancyGuardInitializer modifier is used: on both the constructor and the initialize function. This is a problem because...
Owner can bypass reward token protection in recoverERC20 to instantly steal all tokens in contract
Lines of code Vulnerability details Description The WardenPledge contract has a sweeping function recoverERC20 to handle mistakenly sent ERC20 tokens: function recoverERC20(address token) external onlyOwner returns (bool) { if (minAmountRewardToken[token] != 0) revert Errors.CannotRecoverToken(); uint256 amount =...
Oracle Price Calculation will Return Wrong Price for Certain Tokens
Lines of code Vulnerability details Impact The viewPrice and getPrice functions of Oracle.sol have a wrong price calculation implementation and so will return the wrong price for certain tokens. They only work correctly for tokens that have 18 decimals. This is because of the hard-coded "36" in these functions' line...
_payoutToken[s]() is not compatible with tokens with missing return value
Lines of code Vulnerability details Impact Payout is blocked and tokens are stuck in contract. Proof of Concept PA1D.payoutToken and PA1D.payoutTokens call ERC20.transfer in a require-statement to send tokens to a list of payout recipients. Some tokens do not return a bool e.g. USDT, BNB, OMG on...
Duplicated / Split H -> H from 461 [1666620942709]
Judge has assessed an item in Issue 461 as High risk. The relevant finding follows: Lines of code Vulnerability details Impact In VoteEscrowDelegation contract, the writeCheckpoint internal function has major logic errors which will make the delegate external function to always revert. Proof of...
TokenHelper.sol#L40 : safeTransfer will revert due to insufficient gas.
Lines of code Vulnerability details Impact I am adding this as a high issue since most of the calls are done using safeTransfer. TokenHelper.sol#L40 : safeTransfer will revert due to insufficient gas. All the functions that use safeTransfer could fail due to insufficient gas. I see the...
Upgraded Q -> M from 236 [1666363743332]
Judge has assessed an item in Issue 236 as Medium risk. The relevant finding follows: ERC721 token can be lost in fillAsk PROBLEM When a user fills an ask order by calling fillAsk, the ERC721.transferFrom method is used to transfer the NFT to the receiver. Should the receiver be a smart contract...
Atomicity Literally NOT Guaranteed
Lines of code Vulnerability details Impact According to the Arbitrum documentation, "... Cross chain and cross shard interoperability is a hard problem, ... It's important to differentiate between calls from Ethereum to Arbitrum and calls from Arbitrum to Ethereum. Ethereum contracts can send...
Incorrect implementation of the MerkleVerifier.sol library
Lines of code Vulnerability details Impact The MerkleVerifier results in an incorrect verification of the Merkle tree. Description Using a simple test case from and deploying the contracts with MerkleVerifier.sol, we can see that the results differ when attempting to verify the Merkle tree. Test...
computeAddress does not follow the standard procedure to compute the address. The contract cannot create a pool for some pairs due to hash collision
Lines of code Vulnerability details Impact Poor source of randomness: an attacker can easily decipher the computed address, and the contract can be easily tricked. This can cause a hash collision, due to which the contract cannot create a pool for some pairs. Proof of Concept AlgebraFactory.sol#L123 : T...
Upgraded Q -> M from 238 [1664280434191]
Judge has assessed an item in Issue 238 as Medium risk. The relevant finding follows: 5. Wrong comparison result when the length is longer than 32 File: contracts\dnssec-oracle\BytesUtils.sol 44: function compare(bytes memory self, uint offset, uint len, bytes memory other, uint otheroffset, uint...
Mistaken use of arithmetic operation can lead to loss
Lines of code Vulnerability details Mistaken use of arithmetic operation can lead to loss Description The calculated values may be roughly what is needed, but this is a serious calculation mistake that should be corrected. Why should it be corrected? Since in Solidity, the order...
Revoking a claim blocks a recipient from withdrawing any unclaimed but due amount.
Lines of code Vulnerability details Impact Whenever an admin revokes a claim and the recipient has any unclaimed but vested balance, the unclaimed part is also revoked. Take for instance a total amount of 365 tokens vested over 1 year with a release interval of 1 day. If the recipient at day 30...
Employee can be unable to withdraw claimable amount that she or he deserves after admin revokes her or his claim
Lines of code Vulnerability details Impact When an employee has an active claim, this employee can call the following withdraw function to withdraw the claimable amount that she or he is entitled to, which would increase her or his claim's amountWithdrawn. Because the employee is free to call...
Rebasing tokens can ruin the claiming
Lines of code Vulnerability details Rebasing tokens have the ability to use up all the funds before all the recipients have fulfilled their vestings. This can happen because the system records balances in nominal terms, while they can be rebased thereafter, which creates a discrepancy with the system's accountin...
Unsafe ERC721 operations
Lines of code Vulnerability details Impact It is recommended to use safeTransfer and safeTransferFrom when transferring ERC721 and ERC20 tokens Tools Used Manual audit Recommended Mitigation Steps Use the safeTransfer and safeTransferFrom functions to transfer ERC721 and ERC20 tokens
Problems with PegOracle
Lines of code Vulnerability details Impact There are at least a few problems with the PegOracle. I am grouping them into one submission because some of them are not that significant but the last one I believe deserves a higher severity. 1. Function latestRoundData queries getOracle2Price but...
An operator can steal an NFT after it's listed
Lines of code Vulnerability details Impact The ArbitraryCallsProposal contract prevents calls to setApprovalForAll on NFTs the Party owns. If an NFT is listed, calls to setApprovalForAll via the ArbitraryCallsProposal contract will succeed because the Party isn’t in possession of the NFT. Anyone...
No validation on wcanto may lead to locked deposits because of an arbitrary address in the deposit call
Lines of code Vulnerability details No validation on wcanto may lead to locked deposits because of an arbitrary address in the deposit call Impact The address wcanto is not validated. In case of a wrong deployment, the function swapExactCANTOForTokens will lock ether in a wrong contract. Consideration...
PRICE's getCurrentPrice() can return zero price
Lines of code Vulnerability details Currently no price validity check is performed in getCurrentPrice. This way, a zero price produced by ohmEthPriceFeed.latestRoundData will yield a zero getCurrentPrice, which will be passed on to the logic. Also, a negative OHM price or a zero / negative reserve...
Voting signature malleability of EVM's ecrecover in castVoteBySig
Lines of code Vulnerability details Proof of Concept EVM's ecrecover is susceptible to signature malleability which allows replay attacks, but that is mitigated here by doing receipt.hasVoted = true;. However, if any of the application logic changes, it might make signature malleability a risk fo...
No Return Data Checks on Chainlink's latestRoundData() Might Return Stale Prices
Lines of code Vulnerability details Impact The updateExchangeRate function of the FraxlendPairCore contract gets the price using Chainlink's latestRoundData function. However, it lacks checks on the return data, which might lead to stale prices. Proof of Concept ./FraxlendPairCore.sol:524: , int256...