Mitigation of M-05: Issue not mitigated
Lines of code Vulnerability details The sponsor disputes the issue, but never follows up after the judge's comments, so the same issue remains in the new code.
Only one GroupBuy can ever use USDT or similar tokens with front-running approval protections
Lines of code Vulnerability details The issue that is described in code-423n4/2022-12-tessera-findings37 was not mitigated and still applies as it is described there.
A Malicious User can Lock All Funds in an Option
Lines of code Vulnerability details Impact By calling the mint and burn functions with the 'amount0' and 'amount1' equal to the option pair's respective balances of token0 and token1, a user can cause a given option's "Option.totalLong0" and "Option.totalLong1" to both be set to 0. The effect...
Reentrancy attack to swap()
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. A malicious contract can initiate a reentrancy attack to the swap function: it can swap token0 for token1, receiving token0 but without effectively providing the due token1 amount used to mint instead...
Upgraded Q -> M from #254 [1674418824740]
Judge has assessed an item in Issue 254 as M risk. The relevant finding follows: 03: Lock.claimGovFees will revert with tokens that have approve race condition protection Some tokens only allow you to approve a new value if the current allowance is set to zero, e.g. USDT. This is not an issue rig...
abi.encodePacked Allows Hash Collision
Lines of code Vulnerability details Impact From the Solidity documentation: If you use keccak256(abi.encodePacked(a, b)) and both a and b are dynamic types, it is easy to craft collisions in the hash value by moving parts of a into b and vice-versa. More specifically, abi.encodePacked("a", "bc") ==...
Fee on transfer based collateral is not considered.
Lines of code Vulnerability details Impact It has the following impacts. 1. backingManager would be transferred less than the deposits 2. Recorded liabilities will be more 3. collateral deposited into the RToken contract would be less than the deposits Proof of Concept Anyone can mint RToken by...
Governance manipulation through signatures
Lines of code Vulnerability details Impact The impact is critical because it enables anyone to submit as many signatures as they want, manipulating the governance. The probe relies on the fact that in the delegateBySig function, the nonce is not checked upon msg.sender, it is checked upon the output for th...
ERC4626Cloned.previewMint() causes malicious users to gain exclusive access to vault
Lines of code Vulnerability details Impact Exclusive access to vault; other users will not be able to mint Proof of Concept In the previewMint method, if the first user mints, no matter how many shares the user passes in, only 10e18 assets are needed function previewMint(uint256 shares) public view...
LienToken.transferFrom There is a possibility of malicious attack
Lines of code Vulnerability details Impact Corrupt multiple key properties of public vault, causing vault not to function properly Proof of Concept When LienToken.makePayment/buyoutLien/payDebtViaClearingHouse If it corresponds to PublicVault, it will make multiple changes to the vault, such as:...
Centralization risk
Lines of code Vulnerability details Impact MANAGERADMIN can set a very high value for minimumRedeemAmount which will ensure that all attempts to redeem an amount simply fail Proof of Concept 1. User A wants to redeem amount 100000 using the requestRedemption function 2. Before User A can do so,...
Unsafe Storage Layout
Lines of code Vulnerability details Potentially lead to storage collision and cause the account to be re-initialized or have ownership transferred. Use upgradeable DiamondStorage for all inherited contracts.
Frontrunning of smart wallet deployment
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. An attacker could obtain information about the owner and 'index' parameters to front-run the deployment of a smart wallet. Proof of Concept Provide direct links to all referenced code in GitHub. Add...
Incorrect message signer check in ecrecover() and no validation for oracleSigner which would cause all the unsigned messages to be considered as valid ones
Lines of code Vulnerability details Impact address oracleSigner has been used to verify signed messages by comparing the return value of ecrecover with oracleSigner. But the return value of ecrecover could be 0x0 and the code doesn't check that the return value is not 0x0. If the owner sets oracleSigner as 0x0 ...
Attacker can delay proposal rejection
Lines of code Vulnerability details Impact In OptimisticListingSeaport.rejectProposal, it reverts if proposedListing.collateral if proposedListing.collateral proposedListing.collateral -= amount; Proof of Concept 1. Attacker proposes at 10000 collateral at a very low price 2. Bob tries to reject it b...
Upgraded Q -> M from #163 [1671458931869]
Judge has assessed an item in Issue 163 as M risk. The relevant finding follows: TOKEN TRANSFERS DO NOT VERIFY THAT THE TOKENS WERE SUCCESSFULLY TRANSFERRED Some tokens like zrx do not revert the transaction when the transfer/transferfrom fails and return false, which requires us to check the...
Reentrancy issue #2: Functions remove() and sell() are vulnerable to reentrancy attack if baseToken implement a call to receiver in _beforeTokenTransfer().
Lines of code Vulnerability details It is important to be aware that I have reported two reentrancy bugs. Each of these have different ways of being activated and can be found in separate functions. Impact All calculations done in Caviar Pair are using token balance directly. For example, when...
[M-0] Unhandled return values of transfer
Lines of code Vulnerability details c4udit Report Issues found M-0 Unhandled return values of transfer Impact Some implementations of transfer could return 'false' on failure instead of reverting. Findings: src\Pair.sol::85 = transferFrom(msg.sender, address(this), fractionalTokenAmount);...
PRICES CAN BE MANIPULATED WHEN LIQUIDITY IS VERY LOW
Lines of code Vulnerability details Impact Base and fractional token prices in the pool can be manipulated and set to values severely deviating from the originally intended price ratio right after the pool has been created. At this point, liquidity in the pool is deemed zero or exceptionally thin...
GroupBuy may purchase NFT not in the allowed list
Lines of code Vulnerability details Impact When purchaseProof.length == 0, GroupBuy.purchase compares the tokenId with the merkleRoot. This allows any tokenId that matches the merkleRoot to be purchased, even if it was not included in the allow list during setup. if purchaseProof.length == 0 //...
Generalized frontrunning risk for claiming winnings due to request.currentChosenTokenId being public
Lines of code Vulnerability details Impact The function VRFNFTRandomDraw.sol:fulfillRandomWords called by Chainlink receives an array of random words, and uses it to choose a random offset by which the winning tokenId is selected. The chosen tokenId is stored on the public request variable in the...
Ignored return value from "IERC20.transferFrom()"
Lines of code Vulnerability details Impact The return value from IERC20.transferFrom in "StableVault" was not checked, a malicious actor could first deposit a number of tokens without actually having it and then subsequently withdraw that amount of tokens from the "StableVault" Proof of Concept...
Wrong value of MONTH_IN_SECONDS could make it impossible to recover NFT in 7 years
Lines of code Vulnerability details Impact Constant MONTH_IN_SECONDS has an incorrect value. Instead of 1 month, it has the value of 7 months. // @dev about 30 days in a month uint256 immutable MONTH_IN_SECONDS = 3600 * 24 * 7 * 30; // @audit wrong value, could allow bufferTime and recoverTimelock to become too...
POSSIBLE FRONTRUNNING ATTACK ON MINTING LONG/SHORT POSITIONS
Lines of code Vulnerability details Impact The createMarket function in the PrePOMarketFactory.sol contract creates a new PrePOMarket contract. A salt is used for creating the contract, which is computed from the createPairTokens function. Variables passed to this function are visible to anyone; they are input...
TWA Price should be updated in addLiquidity, removeLiquidity and swap and migrateBinsUpStack and transferLiquidity
Lines of code Vulnerability details Impact TWA Price should be updated in addLiquidity, removeLiquidity and swap and transferLiquidity Proof of Concept I want to quote from the documentation: In Maverick, the AMM smart contract tracks the time-weighted average price TWAP with a configurable lookba...
Discrepancy in the Uniswap V3 position price calculation because of decimals
Lines of code Vulnerability details Impact When the squared root of the Uniswap V3 position is calculated from the getOracleData function, the price may return a very high number in the case that the token1 decimals are strictly superior to the token0 decimals. See: The reason is that at the...
Lack of verification for _uri parameter in createContract() function in Escher721Factory contract
Lines of code Vulnerability details Impact The impact of this vulnerability is that an attacker could potentially manipulate the token URI for any given token ID in the Escher721 contract created by the Escher721Factory contract. This could potentially allow the attacker to trick users into...
Funds reserved for refunding users can be stolen in LPDA sale
Lines of code Vulnerability details Impact The LPDA sale works like a Dutch Auction, where early buyers get a refund after the sale has ended. In addition, in the buy function, when the last NFT is sold, it automatically ends the LPDA sale and sends payments to the sale receiver and the fee to the fee receiver. And the...
Possible negative price on LPDA causes sale and refund mechanism to not work
Lines of code Vulnerability details Impact Possible negative price on LPDA causes sale and refund mechanism to not work Proof of Concept function getPrice() public view returns (uint256) { Sale memory temp = sale; (uint256 start, uint256 end) = (temp.startTime, temp.endTime); if (block.timestamp...
[ZZ-001] PARENT_CANNOT_CONTROL and CANNOT_CREATE_SUBDOMAIN fuses can be bypassed
Severity: High Status: Has been reported to and confirmed by Jeff ENS team Report Time: 11/28/2022 12:31 AM EST Description The fuse constraints can be violated by a malicious owner of the parent node, i.e., the hacker. There are two specific consequences the hacker can cause. Suppose the subnode...
Uniswap V3 swaps are vulnerable to a sandwich attack
Lines of code Vulnerability details Impact As the amountOutMinimum is always hardcoded with 1 in the AutoPxGmx, then the Uniswap V3 swap is vulnerable to a frontrun / sandwich attack. Proof of Concept Even though the amountOutMinimum may never be 0 because it is prevented against it: if...
Fee loss in AutoPxGmx and AutoPxGlp and reward loss in AutoPxGlp by calling PirexRewards.claim(pxGmx/pxGpl, AutoPx*) directly, which transfers rewards to the AutoPx* pool without the compound logic getting executed, so the fee calculation logic and pxGmx wouldn't be executed for those rewards
Lines of code Vulnerability details Impact The function compound in the AutoPxGmx and AutoPxGlp contracts is for compounding pxGLP and additionally pxGMX rewards. It works by calling PirexGmx.claim(px, this) to collect the rewards of the vault and then swapping the received amount to calculate the reward,...
Upgraded Q -> M from #334 [1668467418003]
Judge has assessed an item in Issue 334 as M risk. The relevant finding follows: 2. Rug vectors by the owner A malicious owner can call setLBPairImplementation, setFeeRecipient, setFlashLoanFee, setFeesParameters and forceDecay to advantage himself at the expense of the users...
_returnETHIfAny() can silently fail, leading to an originator not getting the expected refund
Lines of code Vulnerability details The execute function refunds the unused ETH back to the originator through _returnETHIfAny. This internal function uses a low-level call to transfer the ETH. The issue is that the return value of the call is not checked. As per the Solidity documentation...
No Revert on Failure: an order can be executed successfully by disguising them as NFTs.
Lines of code Vulnerability details Impact ERC20 tokens don't throw an error when a transfer fails. A malicious user can pretend to be sending an ERC721 token while it is something else. Orders are executed inside LooksRareProxy.sol; an attacker as a maker can make a BasicOrder that has...
Solmate's SafeTransferLib won't check if token has code, which can affect transfers in SizeSealed
Lines of code Vulnerability details Impact Not checking for token existence is a known issue for Solmate. This can cause unexpected contract functionality for transfers implemented in SizeSealed. Note that this might not be a problem for baseToken due to the check implemented in L103. However, thi...
_payoutToken[s]() is not compatible with tokens with missing return value
Lines of code Vulnerability details Impact Payout is blocked and tokens are stuck in the contract. Proof of Concept PA1D._payoutToken and PA1D._payoutTokens call ERC20.transfer in a require-statement to send tokens to a list of payout recipients. Some tokens do not return a bool, e.g. USDT, BNB, OMG on...
TokenHelper.sol#L40 : safeTransfer will revert due to insufficient gas.
Lines of code Vulnerability details Impact I am adding this as a high issue since most of the calls are done using safeTransfer TokenHelper.sol#L40 : safeTransfer will revert due to insufficient gas. All the functions that are using safeTransfer could fail due to insufficient gas. I see the...
Missing input validation can lead to accidental burning of tokens
Lines of code Vulnerability details Impact Some token transfers do not check that the receiving address is not the zero address. This can lead to an unintended burning of tokens. Proof of Concept 1. Assume Alice uses a web3 frontend to interact with a DAI/USDT pool. 2. Alice wants to swap DAI for...
Upgraded Q -> M from 236 [1666363743332]
Judge has assessed an item in Issue 236 as Medium risk. The relevant finding follows: ERC721 token can be lost in fillAsk PROBLEM When a user fills an ask order by calling fillAsk, the ERC721.transferFrom method is used to transfer the NFT to the receiver. Should the receiver be a smart contract...
Atomicity Literally NOT Guaranteed
Lines of code Vulnerability details Impact According to the Arbitrum documentation, "... Cross chain and cross shard interoperability is a hard problem, ... It's important to differentiate between calls from Ethereum to Arbitrum and calls from Arbitrum to Ethereum. Ethereum contracts can send...
outboundTransfer should return excess msg.value
Lines of code Vulnerability details Impact In the function outboundTransfer, if a user sends more msg.value than required, by accident, then the remaining msg.value is not sent back. So, if msg.value amount argument, then the excess msg.value is not sent back to msg.sender. This causes loss of funds f...
Buyers will lose an amount of their funds for only one ERC1155 token
Lines of code Vulnerability details Impact By using StandardPolicyERC1155.sol as a matchingPolicy for the order, the buyer will transfer an amount of funds (ETH or WETH) for 2 or more tokens, but he will receive only 1 token. Proof of Concept in case the buyer has set Input.Order.amount 1. Let's sa...
Upgraded Q -> M from 238 [1664280434191]
Judge has assessed an item in Issue 238 as Medium risk. The relevant finding follows: 5. Wrong comparison result when the length is longer than 32 File: contracts\dnssec-oracle\BytesUtils.sol 44: function compare(bytes memory self, uint offset, uint len, bytes memory other, uint otheroffset, uint...
Employee can be unable to withdraw claimable amount that she or he deserves after admin revokes her or his claim
Lines of code Vulnerability details Impact When an employee has an active claim, this employee can call the following withdraw function to withdraw the claimable amount that she or he is entitled to, which would increase her or his claim's amountWithdrawn. Because the employee is free to call...
Overflow in _baseVestedAmount() prevents claims to be retrieved
Lines of code Vulnerability details Impact Rewards of high value will be unable to be withdrawn since claimableAmount will revert. Proof of Concept In line 176, if we assume there's a claim of a token with 18 decimals and a vesting of 1 year, which is a realistic vesting period that can be observ...
Mistaken use of arithmetic operation can lead to loss
Lines of code Vulnerability details Mistaken use of arithmetic operation can lead to loss Description Calculating the values can be somewhat correct to what you need, but this is a great mistake of calculation which should be overcome. Now why should this be overcome? Since in Solidity, the order...
ERC1155.isApprovedForAll(owner, receiver) logic means it is possible for an approved receiver to withdraw more shares than expected
Lines of code Vulnerability details In the Readme, it is mentioned a receiver can call withdraw on behalf of the shares owner we accept deposits and withdraws on behalf of other users, by using approve ERC1155 functions on withdraw, and recipient/owner params inside both deposit/withdraw function...
Problems with PegOracle
Lines of code Vulnerability details Impact There are at least a few problems with the PegOracle. I am grouping them into one submission because some of them are not that significant but the last one I believe deserves a higher severity. 1. Function latestRoundData queries getOracle2Price but...
An operator can steal an NFT after it's listed
Lines of code Vulnerability details Impact The ArbitraryCallsProposal contract prevents calls to setApprovalForAll on NFTs the Party owns. If an NFT is listed, calls to setApprovalForAll via the ArbitraryCallsProposal contract will succeed because the Party isn’t in possession of the NFT. Anyone...