WETH transfer may fail silently in 'uniswapV3SwapCallback' function and execution may stop without any reverts or notification.

Lines of code Vulnerability details Impact WETH transfer may fail silently in 'uniswapV3SwapCallback' function and execution may stop without any reverts or notification. Proof of Concept In the 'uniswapV3SwapCallback' function There's no checks if the WETH transfer have failed or not . If the...

Comptroller.sol#liquidateCalculateSeizeTokens assumes the same precision for vTokenBorrowed and vTokenCollateral

Lines of code Vulnerability details Impact File: Comptroller.sol 1099 uint256 exchangeRateMantissa = VTokenvTokenCollateral.exchangeRateStored; // Note: reverts on error 1100 uint256 seizeTokens; 1101 Exp memory numerator; 1102 Exp memory denominator; 1103 Exp memory ratio; 1104 1105 numerator =...

Holders only get the rewards they Accrued for supplying when they claim rewards in the RewardsDistributor.sol .

Lines of code Vulnerability details Holders only get the rewards they Accrued for supplying when they claim rewards in the RewardsDistributor.sol . Summary The holder only gets rewards for supplying instead of getting the rewards for both borrowing and supplying in martkets because in the...

Failure to Check for Existence Before Removal

Lines of code Vulnerability details Impact The moveLiquidity function as described. If the positionIndex.removeparams.fromIndex function call returns false, it means that the specified index was not present in the positionIndex set, and the RemovePositionFailed error is not actually applicable in...

Upgraded Q -> 2 from #298 [1683709930306]

Judge has assessed an item in Issue 298 as 2 risk. The relevant finding follows: L-01 Valid hex string is not decoded correctly by hexStringToBytes32 and reads memory out-of-boundary Links Impact Valid hexadecimal strings are not decoded correctly. Decoding reads out-of-bounds memory returning...

Upgraded Q -> 3 from #13 [1683219131959]

Judge has assessed an item in Issue 13 as 3 risk. The relevant finding follows: L-6 Consider using OpenZeppelin’s SafeCast library to prevent unexpected errors 3 --- The text was updated successfully, but these errors were encountered: 👍 1 sathishpic22 reacted with thumbs up emoji All reactions 👍...

anyone can call initialize() functions which can cause lost of funds and contract ownership

Lines of code Vulnerability details Impact Most of the smart contracts have an initialize function that anyone can call as initialize function visibility is either external or public. This could lead to a race condition when the contract is deployed. At that moment a hacker or attacker could call...

_deployPod() is using hardcoded salt value which can cause issues

Lines of code Vulnerability details Impact deployPod is deploying pod but there is a hardcoded salt value of 0 which can cause issue Proof of Concept There is a risk of address collisions if two different users call the deployPod function with the same input parameters at the same time. This coul...

Users can queue a withdrawal and potentially withdraw completely if PAUSED_EIGENPODS_VERIFY_OVERCOMMITTED = false

Lines of code Vulnerability details Impact Users can queue a withdrawal and potentially withdraw completely if PAUSEDEIGENPODSVERIFYOVERCOMMITTED = false Proof of Concept We need to look at two functions. The first one is function verifyOvercommittedStake uint40 validatorIndex,...

Slot and block number proofs not required for verification of withdrawal (multiple withdrawals possible)

Lines of code Vulnerability details Impact Since this is a vulnerability which involves multiple in-scope contracts and leads to more than one impact, let's start with a bug desciption from bottom to top. Library Merkle The methods verifyInclusionSha256proof, root, leaf, index and...

Updating a submission - testing is i can add a submission by team that was originally an issue for a single warden.

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Tools Used Recommended Mitigation Steps testings...

Upgraded Q -> 2 from #198 [1683053533286]

Judge has assessed an item in Issue 198 as 2 risk. The relevant finding follows: L2 - Royalty payment is unfair --- The text was updated successfully, but these errors were encountered: All reactions...

Claiming of domains will likely be locked due to a bad check in _enableNode

Lines of code Vulnerability details Description DNS name claims all go through claim which calls enableNode, which calls enableNode. Nodes are enabled recursively, from the root downwards.The following check occurs in enableNode: node = keccak256abi.encodePackedparentNode, label; address owner =...

Attacker can extract unlimited ZCHF by setting a high price for a position and challenging it

Lines of code Vulnerability details An attacker can act as both minter and challenger, and profit by setting an arbitrarily high price for a position way higher than what the collateral really is worth, and then immediately challenging the position. After the challenge succeeds, the attacker will...

User minting FPS can get grieved by equity loss event

Lines of code Vulnerability details minting in onTokenTransfer handles the case equity = MINIMUMEQUITY, "insuf equity"; // ensures that the initial deposit is at least 1000 ZCHF 245: 246: // Assign 1000 FPS for the initial deposit, calculate the amount otherwise 247: uint256 shares = equity =...

In ReraiseETHCrowdfund, contributors can bypass the maxContribution limit when disableContributingForExistingCard = false.

Lines of code Vulnerability details Impact ReraiseETHCrowdfund checks the maxContribution limit for each party card in claim and claimMultiple. But this limitation can be bypassed if contributors add the voting power to the existing party card. Proof of Concept When we check claim and...

InitialETHCrowdfund + ReraiseETHCrowdfund: Gatekeeper checks wrong address

Lines of code Vulnerability details Impact This vulnerability exists in both the InitialETHCrowdfund and ReraiseETHCrowdfund contracts in exactly the same way. I will continue this report by explaining the issue in only one contract. The mitigation section however contains the fix for both...

In MuteBond.deposit(), users might deposit more LPs than they expected by a malicious user

Lines of code Vulnerability details Impact Users might deposit more LPs unexpectedly if a malicious user increases an epoch by frontrunning. Proof of Concept deposit has a maxbuy param to purchase all remaining amounts. function deposituint value, address depositor, bool maxbuy external returns...

The first stake is possible after endTime

Lines of code Vulnerability details Impact Users can stake after endTime due to the wrong check. Proof of Concept When a user stakes LP tokens using MuteAmplifier.stake, stake is not allowed after endTime which is set in initializeDeposit by an admin. requireblock.timestamp endTime,...

There is a race condition betweeen MuteBond#setEpochDuration() and MuteBond#deposit()

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. There is a race condition between MuteBondsetEpochDuration and MuteBonddeposit. The issue is that when a new EpochDuration is set, it will take effect immediately, which will affect the bond price. As a...

Hardcoded poolFee in deposit() Function Cause Liquidity Depth Issue for Swap

Lines of code Vulnerability details Impact In deposit function we are using the hardcoded value of poolFee as 500 which limits the ability of liquidity providers to select the appropriate fee tier, potentially reducing the returns for liquidity providers. IWETHWETHADDRESS.depositvalue: msg.value;...

Reth slippage and fee stealing

Lines of code Vulnerability details Impact The Reth derivative contract calculates the maximum slippage for buying rETH from the Uniswap V3 pool by using the current price in the pool at runtime, without considering the price at which the user submitted the transaction to the mempool: uint...

[H-01] RETH oracle manipulation allows attacker to steal funds

Lines of code Vulnerability details Impact The Asymmetry SafEth protocol aims to help diversify and decentralize liquid staking derivatives, exchanging ether staked in the protocol for staked ether derivative tokens based on some relative weighting. A function exposed by these derivative wrapper...

Zero value used for sqrtPriceLimitX96

Lines of code Vulnerability details Impact In swapExactInputSingleHop in Reth.sol the sqrtPriceLimitX96 parameter is set to 0 which is useful for testing but can lead to price manipulation attacks. From the uniswap docs: In production, this value can be used to set the limit for the price the swa...

Contracts are susceptible for Head Overflow Bug in Calldata

Lines of code Vulnerability details Impact ABI-encoding a tuple with a statically-sized calldata array in the last component would corrupt 32 leading bytes of its first dynamically encoded component. Proof of Concept The functions are taking input arguments as calldata. Following contracts are...

The "totalRequiredBalance()" function in the TransactionHelper.sol library can compute address(uint160(_transaction.paymaster) as zero address even when _transaction.paymaster is non-zero

Lines of code Vulnerability details Impact A user may provide a non-zero entry for the "transaction.paymaster" field for a transaction to ensure they do not have to pay the gas fees. However, certain values of "transaction.paymaster" = 2^160 can result in addressuint160transaction.paymaster to be...

Default accounts cannot pay transaction fees due to DefaultAccount not calling MsgValueSimulator

Lines of code Vulnerability details Impact Default accounts cannot pay the transaction fees to the bootloader. It's not clear whether the attempts to do so will silently succeed or revert because the behaviour of the CALL opcode in the zkSync Era virtual machine isn't explained in the description...

Adding Multiple Blocks with the Same Timestamp Can Create Ambiguity in the Order of Blocks in the Blockchain Network

Lines of code Vulnerability details Impact Multiple blocks at the same timestamp creates ambiguity about the order in which these blocks should be added to the chain. This can cause inconsistencies in the state of the network and make it vulnerable to attacks such as double-spending. Proof of...

Lack of a contract existence check may lead to undesired behavior

Lines of code Vulnerability details Impact The functions NeoTokyoStaker.assetTransferFrom and NeoTokyoStaker.assetTransfer are both used as helper functions to perform low level calls, both functions revert if the low-level call fails, but no checks are made if the contract that's being called...

Unvalidated input in setManagerRight function

Lines of code Vulnerability details Impact The setManagerRight function takes managedRight and managerRight as inputs without validating them This could potentially lead to unexpected results if the input values are not what the function expects. Tools Used Recommended Mitigation Steps Provide...

Minimum referral requirement is incorrectly computed

Lines of code Vulnerability details As per the docs: Referrer rewards are allocated on a per draw basis Referrers who meet the minimum referral requirement according to the following table will be eligible for the Individual Referrer Allocation The minimum referral requirement for a draw N + 1 is...

Wrong calculation in calculateNewProfit

Lines of code Vulnerability details Impact There is a wrong calculation of the cumulative net profit of the lottery, which affects the calculation of the excess pot and rewards per winning ticket including the jackpot in each draw. This vulnerability also leads to a Denial of Service of the Lotte...

Ethos stil using LUSD (not ERN) will lead to confusion and ambiguity of the protocol resulting uncountable risk for the project

Lines of code Vulnerability details Impact Ethos stil using LUSD not ERN will lead to confusion and ambiguity of the protocol resulting uncountable risk for the project Proof of Concept Ethos is a fork project of Liquity with additional changes, supporting multi collateral tokens. There are some...

Max approve will not work for tokens that do not support it

Lines of code Vulnerability details Impact Max approve does not work for all tokens types Proof of Concept Inside the ReaperBaseStrategyv4 contract initializers, the contract is doing a max approve for the vault over the underlying asset, however this will not work for all tokens types Tools Used...

Integer Overflow & Underflow

Lines of code Vulnerability details Impact In the setYieldDistributionParams function, there is a danger of underflow or overflow of functionality. Owner calls the function and sets the values to be passed as uint256 for treasurySplit, SPSplit & stakingSplit. There is no check in place to ensure...

closeTrove never nulls trove.stake

Lines of code Vulnerability details // Auditor's note: not 100% sure if this is intentional, but I have reason to believe it's a mistake. Description When a trove gets liquidated, its stake gets set to 0 through removeStake, called eg here. However, when a trove gets closed gratiously through...

Upgraded Q -> 2 from #795 [1677634051278]

Judge has assessed an item in Issue 795 as 2 risk. The relevant finding follows: 01 FEE-ON-TRANSFER TOKENS ARE NOT SUPPORTED This protocol currently does not support fee-on-transfer tokens. For example, for a fee-on-transfer token, calling the following Vault.deposit function with the assets inpu...

KIBToken._transfer() did not correctly handle the case where from is the same as to

Lines of code Vulnerability details Impact Hackers can obtain any number of KIB tokens out of thin air. Using the stolen KIB tokens, the hacker could steal all the bonds in the KUMASwap by calling KUMASwap.buyBond, or steal all the deprecationStableCoin in the KUMASwap by calling...

Manipulation of livePrice to receive defaultIncentive in 2 consecutive blocks

Lines of code Vulnerability details Impact In StabilizerNode, the default behaviour when twap is below the lower peg threshold all transfers to the amm pool are blocked. However when usePrimedWindow = true, it will only block transfers for primedWindow = 10 blocks. After 10 blocks, the block...

Mitigation of M-03: Issue not fully mitigated

Lines of code Vulnerability details Original issue: M-03: Baited by redemption during undercollateralization no issuance, just transfer Explanation This is basically a dupe of M-04 as commented by the judge, I elaborated on this on the M-04 mitigation. TL;DR - using a boolean parameter to agree t...

Upgraded Q -> 2 from #533 [1676218902616]

Judge has assessed an item in Issue 533 as 2 risk. The relevant finding follows: Upgradeable contract is missing a gap50 storage variable to allow for new storage variables in later versions --- The text was updated successfully, but these errors were encountered: All reactions...

Re-entrancy in MultiRewardStaking.claimRewards

Lines of code Vulnerability details Impact If an ERC-777 token is used as reward token for any Staking contract in the system, that reward token can be completely drained from the Staking contract. Proof of Concept Re-entrancy can be done in the MultiRewardStaking.claimRewards function because of...

Upgraded Q -> 2 from #621 [1675724705438]

Judge has assessed an item in Issue 621 as 2 risk. The relevant finding follows: L2 - mintReceipt function lacks a check to verify if the quest has already ended mintReceipt function missing check for ended quest. This could result in a scenario where a receipt is minted after the quest has ended...

MinipoolManager: node operator can avoid being slashed

Lines of code Vulnerability details Impact When staking is done, a Rialto multisig calls MinipoolManager.recordStakingEnd . If the avaxTotalRewardAmt has the value zero, the MinipoolManager will slash the node operator's GGP. The issue is that the amount to slash can be greater than the GGP balan...

Unprotected payable functions in Payment.sol

Lines of code Vulnerability details Impact In Payment.sol contract unwrapWETH and sweepToken functions are without any access control. They are public and and doesn't validate that it's being called by any permissioned account. The result is that anyone can steal tokens. Proof of Concept 25:...

Modifier onlyMinter() implementation is faulty

Lines of code Vulnerability details The current implementation of the modifier onlyMinter will not revert because the "require" part is missing, therefore any user will be able to access the minting functions in RabbitHoleTickets.sol and RabbitHoleReceipt.sol. Impact Any user than the allowed...

Immutable varibles should be checked to there default values

Lines of code Vulnerability details Impact It is very important to check whether the immutable variables are not equal to the default values because if Quest is created and when we pass a default value to a variable then it can't be changed and it can lead to a problem. Proof of Concept Suppose...

Mitigation of M-05: Issue not mitigated

Lines of code Vulnerability details The sponsor disputes the issue, but never follows up after judge's comments, so the same issue remains in the new code. --- The text was updated successfully, but these errors were encountered: All reactions...

Only one GroupBuy can ever use USDT or similar tokens with front-running approval protections

Lines of code Vulnerability details The issue that is described in code-423n4/2022-12-tessera-findings37 was not mitigated and still applies like it is described there. --- The text was updated successfully, but these errors were encountered: All reactions...

A Malicious User can Lock All Funds in an Option

Lines of code Vulnerability details Impact By calling the mint and burn functions with the 'amount0' and 'amount1' equal to the the option pair's respective balances of token0 and token1, a user can cause a given option's "Option.totalLong0" and "Option.totalLong1" to both be set to 0. The effect...