If noone deposit in one Vault, assets deposited to the other Vault will be locked.

Lines of code Vulnerability details Impact In each Vault epoch, idFinalTVL and idClaimTVL values is only set when someone call triggerDepeg or triggerEndEpoch from Controller. In case of depeg, we will swap assets of hedge and risk Vault. But if one Vault has noone deposited, idFinalTVL will be...

_claim function vulnerable to cross-chain-replay attacks

Lines of code Vulnerability details If there's a fork, since anyone can call claim, an attacker can monitor the blockchain for calls to claim, and then make the same call with the same arguments on the other chain. Proof of Concept There are no EIP-712 protections in the encoding: bytes32 leafHas...

Unending and Eventually Futile TRIBE Redemption

Lines of code Vulnerability details Impact TRIBE holders can redeem for pro rata share of remaining DAO controlled assets according to TIP-121 proposal. In the light of this, users would rush into redeeming their TRIBE before the balances of each tokensReceived held on this contract run out...

No validation on wcanto may lead into lock deposit because of arbitrary address in deposit call

Lines of code Vulnerability details No validation on wcanto may lead into lock deposit because of arbitrary address in deposit call Impact Address wcanto is not being validated. In case of wrong deployment, function swapExactCANTOForTokens will lock ether in a wrong contract. Consideration...

Race condition produces DDOS on governance : 20% minority can block the other 80% from passing a proposal.

Lines of code Vulnerability details Impact An account controlling enough voting percentage to endorse a proposal can block an unwanted proposal from being activated. This can be done by frontrunning or by paying more for gas. There can only be one concurrent activated proposal so there is a race...

Checked range.low.market and range.high.market can be deliver wrong return

Lines of code Vulnerability details Impact Deactived checked can be deliver wrong return Proof of Concept When auctioneer was live, so range.low.market and range.high.market was checked is back above the cushion and if the price is below the wall the only way was used && since if the case was the...

taetaw

Lines of code L1 Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Tools Used Recommended Mitigation Steps --- Th...

Voting signature malleability of EVM's ecrecover in castVoteBySig

Lines of code Vulnerability details Proof of Concept EVM's ecrecover is susceptible to signature malleability which allows replay attacks, but that is mitigated here by doing receipt.hasVoted = true;. However, if any of the application logic changes, it might make signature malleability a risk fo...

Chainlink oracle data feed is not further validated and can return stale answer

Lines of code Vulnerability details Impact Although the protocol recognizes that Chainlink oracles can provide outdated answers, using stale answers without further validation might not be a good practice. Moreover, in the updateExchangeRate function, where the latestRoundData method is used, the...

No Return Data Checks on Chainlink's latestRoundData() Might Return Stale Prices

Lines of code Vulnerability details Impact The updateExchangeRate function of FraxlendPairCore contract gets price using chainlink latestRoundData function. However it lacks the check on the return data and this might lead to stale prices. Proof of Concept ./FraxlendPairCore.sol:524: , int256...

# Borrower can self liquidate to steal fund

Lines of code Vulnerability details Borrower can self liquidate to steal fund Impact Borrower has incentive to self liquidate. Since the shares to repay in liquidation is at discount, the contract would loss some fund by each liquidation. Every time the LTV touches the edge of liquidation, the...

MIMOAutoRebalance#rebalance can be used to drain vault due to reentrancy

Lines of code Vulnerability details Impact Vault is drained instead of rebalanced Proof of Concept The caller of rebalance is allowed to supply arbitrary swapData when calling rebalance. The can be used to swap into a malicious ERC20 token that transfers control to the attacker. This opens the...

Double spend in execute function from the MIMOProxy

Lines of code Vulnerability details There is batch function in MIMOProxy smart contract. The function is inherited from the BoringBatchable contract. The function accept an array of bytes - call parameters, and do delegate call to addressthis for each of the call parameters. There also is execute...

Signature Replay Attack - Signatures are reusable

Lines of code Vulnerability details checkSignatureValidity performs a check to verify that the signer is the correct address. In the case of Community this is done on the following data: uint256 communityID, address builder, address lender, address agent, address project, uint256 repayAmount, byt...

Malicious callers can replay change orders

Lines of code Vulnerability details Unlike some of the other signature based operations in the Rigor system, change order signatures do not include a nonce and are vulnerable to replay attacks. A number of exploits are possible using replayed change orders, including subcontractors extracting...

Anyone Can Become Owner Of XC20Wrapper Contract

Lines of code Vulnerability details Anyone can become the owner of the XC20Wrapper contract by calling the XC20Wrapper.setup function. Proof-of-Concept The XC20Wrapper contract inherits from Upgradable contract. contract XC20Wrapper is AxelarExecutable, Upgradable As such, the XC20Wrapper contrac...

Unprotested _setup function in XERC20Wrapper via Upgradable Contract

Lines of code Vulnerability details Impact If a caller calls the setup function and the address within the IMPLEMENTATIONSLOT does not equal zero, the function will call setup. The setup function changes the ownership of the contract. Proof of Concept The Upgradable contract has a setup function...

Functions that send Ether to arbitrary destinations

Lines of code Vulnerability details M-1. Functions that send Ether to arbitrary destinations Description Unprotected call to a function that allow a user to refund to another address. Mitigation Ensure that an arbitrary user cannot withdraw unauthorized funds...

arbitrary low level call

Lines of code Vulnerability details Impact An attacker may perform call to an arbitrary address with controlled calldata Proof of Concept File: contracts\DepositHandler.sol: 23 if callee.code.length == 0 revert NotContract; 24: success, returnData = callee.calldata; 25 references: Tools Used vsco...

Parent domain owner can steal ownership and clear any fuses for any sub-domain if CANNOT_UNWRAP is not burnt on his own domain

Lines of code Vulnerability details Impact There is a general incorrect logic of burning fuses throughout NameWrapper, which allows parent domain owner to burn subdomain fuses including PARENTCANNOTCONTROL regardless of parent domain's own fuses only subdomain fuses are checked, parent fuses are...

Vaults are not locked properly

Lines of code Vulnerability details Impact Even though after Auction starts, Vault ownership moves to Witch but still Cauldron Admin can perform operations on this Vault. This includes transferring funds from a Vault which has live Auction ongoing Proof of Concept 1. Auction is started on Vault i...

Committed Unsuccessful Migration can be settled later on

Lines of code Vulnerability details Impact When committing a migration proposal, it's status is changed to isCommited = true and the buyout starts. After 4 days, the buyout ends. Considering the case it was rejected, its status goes to INACTIVE. Nothing happens to the proposal in the Migration...

The FERC1155.sol don't respect the EIP2981

Lines of code Vulnerability details Impact The EIP-2981: NFT Royalty Standard implementation is incomplete, missing the implementation of function supportsInterfacebytes4 interfaceID external view returns bool; from the EIP-165: Standard Interface Detection Proof of Concept A marketplace...

The reserves accounting breaks when total balances surpas type(int256).max

Lines of code Vulnerability details Reserved tokens do not get minted automatically when a new payment is received. Instead, they must be explicitly distributed during the funding cycle which contains the reserved rate and splits that should be applied. If a funding cycle's reserved rate or split...

Missing checks on return data from the chainlink

Lines of code Vulnerability details Impact MED - the function of the protocol could be impacted 1. Use stale price information resulting to wrong project's balance 2. In the case of zero price, functions using price information will revert. Proof of Concept // JBPrices::priceFor at line 69 calls...

Multiple initialization in NoteInterest

Lines of code Vulnerability details Impact The initialize method of the contract NoteInterest can be initialized multiple times. Proof of Concept The method initialize of the contract NoteInterest looks like this: function initializeaddress cnoteAddr, address oracleAddress external if msg.sender ...

Rug vector for admin of Lender.sol who can max approve all principal tokens for any market without waiting the 3 days to themselves

Lines of code Vulnerability details Impact The admin of Lender.sol is authorized to call the function approve which will grant any address max approval over the principal tokens of a particular market. I assume that this functionality is used to approve the respective redeemer contracts used in...

Sending batch withdrawal requests can possibly DoS

Lines of code Vulnerability details Impact The function BatchRequests.sendWithdrawalRequests allows calling the sendWithdrawalRequests function on all of the Yieldy contracts at once. However, due to the unbounded for loop, if many Yieldy contracts are added to contracts, this function can...

No withdrawal possible for ETH TOKE pool

Lines of code Vulnerability details Impact The withdraw function of the ETH Tokemak pool has an additional parameter asEth. This can be seen in the Tokemak Github repository or also when looking at the deployed code of the ETH pool. Compare that to e.g. the USDC pool, which does not have this...

Fee Was Not Charged When Buying On Secondary Curve

Lines of code Vulnerability details Proof-of-Concept Per the documentation, the admin and curator fees are charged when buying on the secondary curve. Whenever someone mints and burns tokens on the bonding curve, they need to pay some trading fees which is accrued in ETH Within the NibblVault.buy...

use ECDSA helper library instead of ecrecover

Lines of code Vulnerability details use ECDSA helper library instead of ecrecover the function permit adds approval for a spender for a certain amount of value use of ecrecover to validate signatures without a nonce will allow signatures to be replayed to add additional approvals due to signature...

CNote updates the accounts after sending the funds, allowing for reentrancy

Lines of code Vulnerability details Having no reentrancy control and updating the records after external interactions allows for funds draining by reentrancy. Setting the severity to medium as this is conditional to transfer flow control introduction on future upgrades, but the impact is up to th...

Upgraded Q -> M from 44 [1655746452853]

Judge has assessed an item in Issue 44 as Medium risk. The relevant finding follows: 3. Missing/Invalid validation checks Risk Low Impact Function ForgottenRunesWarriorsMinter.setPhaseTimes setups times for different phases of minting. Phases should be launched one after the other. Missing check:...

rescueEth does not transfer ether in contract

Lines of code Vulnerability details Impact The InfinityStakerrescueETH and InfinityExchangerescueETH payable functions sends msg.value to the destination and not the ether in the contract, so the fees and accidentally transferred ether is not sent to the destination address Proof of Concept...

Approve Returned Value Not Validated

Lines of code Vulnerability details Proof-of-Concept The approve function attempts to performs an ERC20.approve call, but does not check if the returned value is true Succeed or false Failed. Some tokens do not revert if the approval failed but return false instead. / @dev Approve the given...

Rounding Issues In Certain Functions

Lines of code Vulnerability details Background Per EIP 4626's Security Considerations Finally, ERC-4626 Vault implementers should be aware of the need for specific, opposing rounding directions across the different mutable and view methods, as it is considered most secure to favor the Vault itsel...

DOS set token through erc777 hook

Lines of code Vulnerability details Impact The wfCash is an erc777 token. ERC777.solL376-L380 Users can get the control flow before sending token and after receiving tokens. This creates attack vectors that require extra caution in designing modules. Any combination of modules may lead to a...

Sandwitch attack in NotionalTradeModule

Lines of code Vulnerability details Impact It's possible to do a sandwitch attack in NotionalTradeModule. Proof of Concept The redeemMaturedPositions method uses a slippage of 0 when calling the redeemFCashPosition method. This will allow an attacker to take advantage of it and perform a sandwitc...

Upgraded Q -> M from 87 [1654442977298]

Judge has assessed an item in Issue 87 as Medium risk. The relevant finding follows: Issue 3 Low - Some tokens do not allow for Non-Zero to Non-Zero value approvals USDT, for example, will not allow approving a non-zero amount and then approving another non-zero amount. The approval must be reset...

Re-entry in BaseRewardPool.sol

Lines of code Vulnerability details Impact An actor who calls withdraw function for an arbitrary amount in his balance, can re-enter this flow again. As a result, he would get at least double rewards than the designed one. Proof of Concept Say an actor has his contract and has staked funds throug...

Once-off setter functions can be set multiple times

Lines of code Vulnerability details Impact The once-off setter functions don't use require to limit, resulting in multiple calls. Proof of Concept RewardsDistributor.sol // Once off event on contract initialize function setDepositoraddress depositor external requiremsg.sender == depositor;...

BathToken with initial liquidity of 1 wei causes very expensive share price leading to precision errors and loss of funds

Lines of code Vulnerability details Impact The creator of a new BathToken is able to maliciously manipulate the share price by providing lowest possible amount 1 wei of liquidity initialLiquidityNew and then artificially blowing up the BathToken token balance. Following depositors will loose thei...

Reserve ratio isn't enforced after a trade execution

Lines of code Vulnerability details impact Users could get exposed to higher risk than desired and funds to withdraw from the vault could not be available Proof of Concept The reserve ratio is the parameter that ensures a percentage of the tokens is always available to be withdrawn from a pool by...

Consistently check account balance before and after transfers for Fee-On-Transfer discrepancies

Lines of code Vulnerability details As arbitrary ERC20 tokens can be passed, the amount here should be calculated every time to take into consideration a possible fee-on-transfer or deflation. Also, it's a good practice for the future of the solution. Affected code:...

Unchecked call in _withdrawFromYieldPool

Lines of code GeneralVault.solL100-L128 LidoVault.solL122-L149 Vulnerability details Impact In the withdrawFromYieldPool function in LidoVault.sol, the receivedETHAmount value is returned before the sent value for the call function is checked on line 142. When withdrawCollateral is called in...

YearnTokenAdapter allows a maximum loss of 100% when withdrawing

Lines of code Vulnerability details Impact YearnTokenAdapter allows slippage of 100% when withdrawing from the vault which will cause a loss of funds. Here's the documentation straight from the vault contract: It allows the user to specify the maxLoss as the last parameter. It determines how many...

The sendToCosmos function does not check for transfer-on-fee/deflationary tokens

Lines of code Gravity.solL595-L609 Vulnerability details Impact The documentation describes the use of tokens other than CUDOS in the Gravity.sol contract; so it is assumed that the CUDOS token will not be the only supported token. The documentation also states that validators on the Tendermint...

FixedPricePassThruGate.sol All the msg.value should be pass thru to gate.beneficiary instead of gate.ethCost

Lines of code Vulnerability details In FixedPricePassThruGate.solpassThruGate, at L48 the msg.value is checked to be = gate.ethCost instead of == gate.ethCost, which makes it possible for the caller to send more than gate.ethCost. However, at L53 only the amount of gate.ethCost is passed thru to...

Creator of the contract could front run tax per capita to 100% of Yield rewards

Lines of code Vulnerability details Impact Contract creator could steal all rewards using frontrunning Proof of Concept When a yield pool is created pool tax is set equal to global tax and funds are sent into the contract to pay for rewards. The contract creator could set tax to 100% in a...

PermissionlessBasicPoolFactory's pools with fee on transfer tokens can be emptied by repetitive deposit-withdraws

Lines of code Vulnerability details Griefing attack is possible if pool deposit token is a fee on transfer ERC20 as deposit, withdraw atomic call sequence is allowed with pre-fee token quantity being accounted as deposit amount. Suppose F is a fee on transfer token and the pool with F as deposit...