Use of transfer() instead of call() to send eth

Lines of code Vulnerability details Use of transfer instead of call to send eth Impact OZSafeERC20.safeTransfer relies on transfer at the end, but with a check of the returning value. Same happens with OZSafeERC20.safeTransferFrom and transferFrom. However, the use of transfer might render ETH...

Unclaimed interest is 0 within 24 hours since the last time that loan is lent or interest is earned for project

Lines of code Vulnerability details Impact When returnToLender is called, the unclaimed interest is calculated as below. uint256 noOfDays = block.timestamp - communityProject.lastTimestamp / 86400; // 246060 /// Interest formula = principal APR days / 365 1000 // prettier-ignore uint256...

No storage gap for Upgradable contract might lead to storage slot collision

Lines of code Vulnerability details Impact For Upgradable contracts, there must be storage gap to “allow developers to freely add new state variables in the future without compromising the storage compatibility with existing deployments” quote OpenZeppelin. Otherwise it may be very difficult to...

PTP-03: Unsafe logic in repayLender() function

Lines of code Vulnerability details PTP-03: Unsafe logic in repayLender function Impact reduceDebt internal function is called before the actual transfer of tokens, meaning that it doesn't matter if the transaction fails or succeeds for any reason, debt will be reduced, causing a loss for the...

Missing EIP-155 replay attack protection

Lines of code Vulnerability details Impact publishProject/addMember/escrow in Community and inviteContractor/updateProjectHash/addTasks/setComplete/changeOrder in Project use ecrecover for signed messages to check access. However, all signed messages that is used to check access do not include an...

Anyone Can Become Owner Of XC20Wrapper Contract

Lines of code Vulnerability details Anyone can become the owner of the XC20Wrapper contract by calling the XC20Wrapper.setup function. Proof-of-Concept The XC20Wrapper contract inherits from Upgradable contract. contract XC20Wrapper is AxelarExecutable, Upgradable As such, the XC20Wrapper contrac...

Functions that send Ether to arbitrary destinations

Lines of code Vulnerability details M-1. Functions that send Ether to arbitrary destinations Description Unprotected call to a function that allow a user to refund to another address. Mitigation Ensure that an arbitrary user cannot withdraw unauthorized funds...

Impossible to delegate

Lines of code Vulnerability details Impact It's impossible to delegate to a token, because the first delegation will always revert. Consider there's no delegation so far, meaning that every token will have numCheckpointstoken = 0. When calling delegate, we will have nCheckpoints = 0 and the call...

arbitrary low level call

Lines of code Vulnerability details Impact An attacker may perform call to an arbitrary address with controlled calldata Proof of Concept File: contracts\DepositHandler.sol: 23 if callee.code.length == 0 revert NotContract; 24: success, returnData = callee.calldata; 25 references: Tools Used vsco...

Use SAFETRANSFERFROM() instead of TRANSFERFROM() for ERC721 TRANSFERS

Lines of code Vulnerability details Impact In NameWrapper.sol the wrapETH2LD and unwrapETH2LD functions call transferFrom on a ERC721 token. This does not ensure that the token is not sent to an address that is not able to properly support it which could result in the loss of the token. This is...

There is no method to unignore any ignored pair.

Lines of code Vulnerability details Impact The Witch contract uses setIgnoredPair function to prevent the liquidation of accepted pairs on the governance level. However, there is no method to remove these pairs from the ignoredPairs mapping. Proof of Concept Imagine there are vaults with UST/fyUS...

Vaults are not locked properly

Lines of code Vulnerability details Impact Even though after Auction starts, Vault ownership moves to Witch but still Cauldron Admin can perform operations on this Vault. This includes transferring funds from a Vault which has live Auction ongoing Proof of Concept 1. Auction is started on Vault i...

zcTokens cannot be redeemed through authRedeemZcToken()

Lines of code Vulnerability details Impact The description of the function says "Allows users to redeem zcTokens and withdraw underlying, boiling up from the zcToken instead of starting on Swivel". In order for the function to be called, it needs to pass the modifier authorizedmarketPlace, where...

Mismatch in withdraw() between Yearn and other protocols can prevent Users from redeeming zcTokens and permanently lock funds

Lines of code Vulnerability details Impact As defined in the docs for Euler, ERC4626, Compound and Aave, when withdrawing and depositing funds the amount specified corresponds excactly to how many of the underlying assets are deposited or withdrawn. However, as specified by Yearn, the yearn...

The FERC1155.sol don't respect the EIP2981

Lines of code Vulnerability details Impact The EIP-2981: NFT Royalty Standard implementation is incomplete, missing the implementation of function supportsInterfacebytes4 interfaceID external view returns bool; from the EIP-165: Standard Interface Detection Proof of Concept A marketplace...

Committed Unsuccessful Migration can be settled later on

Lines of code Vulnerability details Impact When committing a migration proposal, it's status is changed to isCommited = true and the buyout starts. After 4 days, the buyout ends. Considering the case it was rejected, its status goes to INACTIVE. Nothing happens to the proposal in the Migration...

The reserves accounting breaks when total balances surpas type(int256).max

Lines of code Vulnerability details Reserved tokens do not get minted automatically when a new payment is received. Instead, they must be explicitly distributed during the funding cycle which contains the reserved rate and splits that should be applied. If a funding cycle's reserved rate or split...

PuttyV2.sol is allowing the cancelled orders to exercise and withdraw

Lines of code Vulnerability details Impact A cancelled order can be exercised and withdrawn Proof of Concept function exerciseOrder memory order, uint256 calldata floorAssetTokenIds public payable / CHECKS / bytes32 orderHash = hashOrderorder; // check user owns the position...

Multiple initialization in NoteInterest

Lines of code Vulnerability details Impact The initialize method of the contract NoteInterest can be initialized multiple times. Proof of Concept The method initialize of the contract NoteInterest looks like this: function initializeaddress cnoteAddr, address oracleAddress external if msg.sender ...

Potential denial of service issues

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. I noticed that the withdrawUnsettledBids and redeem functions return the Ether amount by calling safeTransferETH, but if the to address passed in is a malicious contract address and the receive function...

Fee Was Not Charged When Buying On Secondary Curve

Lines of code Vulnerability details Proof-of-Concept Per the documentation, the admin and curator fees are charged when buying on the secondary curve. Whenever someone mints and burns tokens on the bonding curve, they need to pay some trading fees which is accrued in ETH Within the NibblVault.buy...

DOS set token through erc777 hook

Lines of code Vulnerability details Impact The wfCash is an erc777 token. ERC777.solL376-L380 Users can get the control flow before sending token and after receiving tokens. This creates attack vectors that require extra caution in designing modules. Any combination of modules may lead to a...

Rounding Issues In Certain Functions

Lines of code Vulnerability details Background Per EIP 4626's Security Considerations Finally, ERC-4626 Vault implementers should be aware of the need for specific, opposing rounding directions across the different mutable and view methods, as it is considered most secure to favor the Vault itsel...

Sandwitch attack in NotionalTradeModule

Lines of code Vulnerability details Impact It's possible to do a sandwitch attack in NotionalTradeModule. Proof of Concept The redeemMaturedPositions method uses a slippage of 0 when calling the redeemFCashPosition method. This will allow an attacker to take advantage of it and perform a sandwitc...

Once-off setter functions can be set multiple times

Lines of code Vulnerability details Impact The once-off setter functions don't use require to limit, resulting in multiple calls. Proof of Concept RewardsDistributor.sol // Once off event on contract initialize function setDepositoraddress depositor external requiremsg.sender == depositor;...

Consistently check account balance before and after transfers for Fee-On-Transfer discrepancies

Lines of code Vulnerability details As arbitrary ERC20 tokens can be passed, the amount here should be calculated every time to take into consideration a possible fee-on-transfer or deflation. Also, it's a good practice for the future of the solution. Affected code:...

YearnTokenAdapter allows a maximum loss of 100% when withdrawing

Lines of code Vulnerability details Impact YearnTokenAdapter allows slippage of 100% when withdrawing from the vault which will cause a loss of funds. Here's the documentation straight from the vault contract: It allows the user to specify the maxLoss as the last parameter. It determines how many...

PermissionlessBasicPoolFactory\addPool() doesn’t check whether pool.excessBeneficiary is address(0)

Lines of code Vulnerability details Impact In PermissionlessBasicPoolFactory\addPool, it doesn’t check whether pool.excessBeneficiary is address0. Therefore, when doing withdrawExcessRewards. IERC20pool.rewardTokensi.transferpool.excessBeneficiary, rewards always revert. Proof of Concept...

FixedPricePassThruGate.sol All the msg.value should be pass thru to gate.beneficiary instead of gate.ethCost

Lines of code Vulnerability details In FixedPricePassThruGate.solpassThruGate, at L48 the msg.value is checked to be = gate.ethCost instead of == gate.ethCost, which makes it possible for the caller to send more than gate.ethCost. However, at L53 only the amount of gate.ethCost is passed thru to...

PermissionlessBasicPoolFactory.sol Does Not Support Reward Tokens With Decimals Other Than 18

Lines of code Vulnerability details Impact The PermissionlessBasicPoolFactory.sol contract allows anyone to add staking pools which users can participate in to earn reward tokens. Pools are segregated to ensure malicious pools cannot siphon tokens from honest pools. Upon the addition of a new poo...

CEther.doTransferOut() May Revert Because .transfer() Uses A Fixed Amount Of Gas

Lines of code Vulnerability details Impact The .transfer function intends to transfer an ETH amount with a fixed amount of 2300 gas. This function is not equipped to handle changes in the underlying .send and .transfer functions which may supply different amounts of gas in the future. Additionall...

Users can use updateBoost function to claim unfairly large rewards from liquidity mining contracts for themselves at cost of other users.

Lines of code Vulnerability details Impact Users aware of this vulnerability could effectively steal a portion of liquidity mining rewards from honest users. Affected contracts are: SupplyMinerV2, DemandMinerV2, PARMinerV2 VotingMinerV2 is less affected because locking veMIMO in votingEscrow...

Non-standard ERC20 Tokens are Not Supported

Lines of code Vulnerability details When trying to call SuperVault.executeOperation the transaction reverts. This is because the call to asset.approve in line97 doesn't match the expected function signature of approve on the target contract like in the case of USDT. This issue exists in any call ...

_amount requires to be updated to contract balance increase (4)

Lines of code Vulnerability details Impact Every time transferFrom or transfer function in ERC20 standard is called there is a possibility that underlying smart contract did not transfer the exact amount entered. It is required to find out contract balance increase/decrease after the transfer. Th...

withdrawFees() function shoud require to address to not be zero

Lines of code Vulnerability details Impact withdrawFees don't check that to address is not zero and send fee to the address without any check that confirms admin has set the address. bentoBox don't accept transferring to zero address, otherwise this could be high risk Proof of Concept As you can...

CvxCrvRewardsLocker implements a swap without a slippage check that can result in a loss of funds through MEV

Lines of code Vulnerability details Impact The CvxCrvRewardsLocker contract swaps tokens through the CRV cvxCRV pool. But, it doesn't use any slippage checks. The swap is at risk of being frontrun / sandwiched which will result in a loss of funds. Since MEV is very prominent I think the chance of...

[WP-H0] xERC4626.sol Some users may not be able to withdraw until rewardsCycleEnd the due to underflow in beforeWithdraw()

Lines of code Vulnerability details function beforeWithdrawuint256 amount, uint256 shares internal virtual override super.beforeWithdrawamount, shares; storedTotalAssets -= amount; function syncRewards public virtual uint192 lastRewardAmount = lastRewardAmount; uint32 timestamp =...

IndexLogic: An attacker can burn other users' tokens to transfer assets to himself

Lines of code Vulnerability details Impact In the burn function of the IndexLogic contract, the user needs to transfer the tokens to the contract first, and then call the burn function to withdraw the assets. The attacker can monitor the number of tokens in the contract. When it is not 0, the...

Setting new controller can break YVaultLPFarming

Lines of code Vulnerability details Impact The accruals in yVaultLPFarming will fail if currentBalance previousBalance in computeUpdate. currentBalance = vault.balanceOfJPEG + jpeg.balanceOfaddressthis; uint256 newRewards = currentBalance - previousBalance; No funds can be withdrawn anymore as th...

Arbitrary contract call within UniV3LpVault._swap with controllable swapPath

Lines of code Vulnerability details Impact UniV3LpVault.swap utilizes swapRouter.exactInput to perform swaps between two tokens. During swaps, transfer function of each token along the path will be called to propagate the assets. Since anyone can create a uniswap pair of arbitrary assets, it is...

Malicious user can indefinitely freeze the funds of another user

Lines of code Vulnerability details Impact By design, a user's cooldown period is extended if they receive a transfer of hPal. The cooldown is extended based on the weight of the receiver's original balance and cooldown period compared to the sent amount and sender's cooldown period. Due to this...

Incorrect implementation of the batchRemoveDex function in DexManagerFacet

Lines of code Vulnerability details Impact The batchRemoveDex function does not work as expected. It should remove all the given DEX addresses from the dexWhitelist. However, it only removes the first successfully found DEX address and then stops removing the rest. The functionality is broken, an...

[WP-H6] Swapper can be used to steal all the funds from the contract

Lines of code Vulnerability details function swapTokensGenericLiFiData memory lifiData, LibSwap.SwapData calldata swapData public payable uint256 receivingAssetIdBalance = LibAsset.getOwnBalancelifiData.receivingAssetId; // Swap executeSwapslifiData, swapData; uint256 postSwapBalance =...

Incorrect number of seconds in ONE_YEAR variable

Lines of code Vulnerability details Impact In HolyPaladinToken.sol the ONEYEAR variable claims that there are 31557600 seconds in a year when this is incorrect. The ONEYEAR variable is used in the getCurrentVotes function as well as the getPastVotes function so it is vital that the correct time i...

Missing input validation could lead to loss of fund

Lines of code Vulnerability details Impact A faulty input in GenericSwapFacet.swapTokensGeneric could cause funds to get stuck in the contract. In addition, tokens left in the LiFi contract can be retrieved by anyone see issue: ERC20 withdrawals can be frontrun, leading to loss of fund. Proof of...

[WP-H4] Initializer of QuantConfig.sol can rug users

Lines of code Vulnerability details function initializeaddress payable timelockController public override initializer require timelockController != address0, "QuantConfig: invalid TimelockController address" ; AccessControlinit; Ownableinitunchained; setupRoleDEFAULTADMINROLE, msgSender;...

ConfigTimeLockController will put QuantConfig in a stalemate(rendering it unusable)

Lines of code Vulnerability details The QuantConfig contract has these important setters, setProtocolAddress, setProtocolUint256, setProtocolBoolean and setProtocolRole. This contract is subjected to a timelock before all such processes above are executed. But, the issue arises in the fact that i...

Block delays can be bypassed with two flash loans instead of one

Lines of code Vulnerability details The README.md states: Withdrawals must be requested in a prior block via initiateWithdrawaluint256 amount . The number of blocks until a request expires is settable by the vault owner . This is mainly for mitigating the feasibility of a flash loan attack. Impac...

Manipulations of setFee

Lines of code Vulnerability details Impact If we consider that the fee variable is meaningfully applied, there will still be several problems with this: 1. Admin can setFee up to 100%. This is bad for users, fees should have a reasonable upper limit, e.g. 30% to prevent potential griefing. 2...

Profile creation can be frontrun

Lines of code Vulnerability details Impact The LensHub/PublishingLogic.createProfile function can be frontrun by other whitelisted profile creators. An attacker can observe pending createProfile transactions and frontrun them, own that handle, and demand ransom from the original transaction...