Missing input validation can lead to accidental burning of tokens
Lines of code. Vulnerability details. Impact: Some token transfers do not check that the receiving address is not the zero address. This can lead to an unintended burning of tokens. Proof of Concept: 1. Assume Alice uses a web3 frontend to interact with a DAI/USDT pool. 2. Alice wants to swap DAI for...
Incorrect output amount calculation for Trader Joe V1 pools
Lines of code. Vulnerability details. Impact: Output amount is calculated incorrectly for a Trader Joe V1 pool when swapping tokens across multiple pools and some of the pools in the chain are V1 ones. Calculated amounts will always be smaller than expected ones, which will always affect chained swa...
Buyers will lose an amount of their funds for only one ERC1155 token
Lines of code. Vulnerability details. Impact: By using StandardPolicyERC1155.sol as a matchingPolicy for the order, the buyer will transfer an amount of funds (ETH or WETH) for 2 or more tokens, but he will receive only 1 token. Proof of Concept: In case the buyer has set Input.Order.amount 1. Let's sa...
Users can regain gobblers they used to mint a Legendary Gobbler with.
Lines of code. Vulnerability details. Impact: Users can mint legendary gobblers without actually burning their gobblers by using the GobblersERC721.approve function to approve themselves before minting their legendary gobbler: the burn mechanism doesn't delete the getApproved (approved) entry for that...
Gobbler Merkle tree vulnerable to second preimage attack
Lines of code. Vulnerability details. Impact: The Merkle tree is vulnerable to a second preimage attack due to the fact that there is no prefix to distinguish between leaves and intermediate nodes. Proof of Concept: There are no prefixes added to the values in MerkleProofLib and none included in what's...
Using non cleaned up variables inside of inline assembly
Lines of code. Vulnerability details. Impact: There is a revealGobblers function in the ArtGobblers smart contract. Inside the function is an assembly insert, which operates with a variable with a size less than a machine word. But the code inside the assembly does not check that the variable is cleaned up...
The user can't swap their frxETH to ETH
Lines of code. Vulnerability details. Impact: I'm so confused: I didn't find any logic for withdrawing my funds (ETH) by transferring my frxETH. Recommended Mitigation Steps: Create logic for withdrawals/swap.
Overflow in _baseVestedAmount() prevents claims from being retrieved
Lines of code. Vulnerability details. Impact: Rewards of high value will be unable to be withdrawn since claimableAmount will revert. Proof of Concept: In line 176, if we assume there's a claim of a token with 18 decimals and a vesting of 1 year, which is a realistic vesting period that can be observ...
ERC1155.isApprovedForAll(owner, receiver) logic means it is possible for an approved receiver to withdraw more shares than expected
Lines of code. Vulnerability details: In the Readme, it is mentioned a receiver can call withdraw on behalf of the shares owner: "we accept deposits and withdraws on behalf of other users, by using approve ERC1155 functions on withdraw, and recipient/owner params inside both deposit/withdraw function..."
Locked ether
Lines of code. Vulnerability details. Impact: In contract Party.sol there is a receive declared. This means that the contract can accept ETH payments. But there is no function defined to withdraw those sent ether. So if a user accidentally sent ether to the contract, the ether would be locked, as...
If no one deposits in one Vault, assets deposited to the other Vault will be locked.
Lines of code. Vulnerability details. Impact: In each Vault epoch, the idFinalTVL and idClaimTVL values are only set when someone calls triggerDepeg or triggerEndEpoch from Controller. In case of depeg, we will swap assets of the hedge and risk Vault. But if one Vault has no one deposited, idFinalTVL will be...
_claim function vulnerable to cross-chain-replay attacks
Lines of code. Vulnerability details: If there's a fork, since anyone can call claim, an attacker can monitor the blockchain for calls to claim, and then make the same call with the same arguments on the other chain. Proof of Concept: There are no EIP-712 protections in the encoding: bytes32 leafHas...
Signature replay in RariMerkleRedeemer
Lines of code. Vulnerability details. Impact: It is possible to reuse the signature used in the sign method in different chains or forks. Proof of Concept: Neither the signed content nor the signature are associated with the contract DOMAIN_SEPARATOR. Therefore, both can be repeated in other contracts...
USING SYMBOL FOR TOKEN IDENTIFICATION
Lines of code. Vulnerability details. Impact. Proof of Concept: An exploiter may create fake tokens whose symbols are cNOTE, cUSDT or cUSDC. When somebody calls the comptroller's liquidateCalculateSeizeTokens, it will give an unlisted token with other token's; it can be an unlisted token or a listed token...
Add to Blacklist function
Lines of code. Vulnerability details: L-2. Add to Blacklist function. Description: The cryptocurrency mixing service Tornado Cash has been blacklisted by the OFAC. A lot of blockchain companies, token projects and NFT projects have blacklisted all Ethereum addresses owned by Tornado Cash listed in the US...
TRSRY: front-runnable setApprovalFor
Lines of code. Vulnerability details. Impact: An attacker may be able to withdraw more than intended. Proof of Concept: Let's say Alice had an approval of 100. Now the treasury custodian reduced the approval to 50. Alice could frontrun the setApprovalFor of 50, and withdraw 100 as it was before. Then...
[NAZ-M2] Centralization Risk with "voter_admin" Has The Ability To mintTo/BurnFrom Any Arbitrary Amount of VOTES
Lines of code. Vulnerability details. Impact: "voter_admin" has the ability to mint/burn any arbitrary amount of VOTES. This creates a centralization risk that allows "voter_admin" to pass or veto any proposal. Proof of Concept: 1. Alice submits a proposal that benefits the users at an expense of Mallory's...
Proposal functions are lacking access control for Governance.sol
Lines of code. Vulnerability details. Impact: For the Governance.sol contract, the functions activateProposal and executeProposal can be called by anyone. Proof of Concept: A malicious user could monitor the protocol DAO and activate or execute a proposal at a time not intended by the proposal...
Upgraded Q -> M from 69 [1661781432655]
Judge has assessed an item in Issue 69 as Medium risk. The relevant finding follows:
Borrower can self-liquidate to steal funds
Lines of code. Vulnerability details: Borrower can self-liquidate to steal funds. Impact: The borrower has an incentive to self-liquidate. Since the shares to repay in liquidation are at a discount, the contract would lose some funds with each liquidation. Every time the LTV touches the edge of liquidation, the...
MIMOAutoRebalance#rebalance can be used to drain vault due to reentrancy
Lines of code. Vulnerability details. Impact: Vault is drained instead of rebalanced. Proof of Concept: The caller of rebalance is allowed to supply arbitrary swapData when calling rebalance. This can be used to swap into a malicious ERC20 token that transfers control to the attacker. This opens the...
When a user is given the owner privilege of multiple MIMOProxy through transferOwnership, the user cannot choose which MIMOProxy to use as the current Proxy
Lines of code. Vulnerability details. Impact: currentProxies is only set when the user calls the deployFor function of the MIMOProxyRegistry contract: function deployFor(address owner) public override returns (IMIMOProxy proxy) { IMIMOProxy currentProxy = currentProxies[owner]; // Do not deploy if the proxy...
Unchecked Call Return Value
Lines of code. Vulnerability details. Impact: The return value of a message call is not checked. Execution will resume even if the called contract throws an exception. If the call fails accidentally or an attacker forces the call to fail, this may cause unexpected behaviour in the subsequent program...
Owner of project NFT has no purpose
Lines of code. Vulnerability details: Owner of project NFT has no purpose. Impact: Creating a new project mints an NFT to the sender (builder). The builder of a project has special permissions and is required to perform various tasks. However, if the minted NFT is transferred to a different address, the...
Ownership transfer not correctly handled for flash loans
Lines of code. Vulnerability details. Impact: In response to a flashloan, proxyRegistry.getCurrentProxy(owner) is used to retrieve the correct user proxy and check that this proxy has initiated the flash loan. This can be problematic after ownership transfers of the proxy, where...
Malicious callers can replay change orders
Lines of code. Vulnerability details: Unlike some of the other signature-based operations in the Rigor system, change order signatures do not include a nonce and are vulnerable to replay attacks. A number of exploits are possible using replayed change orders, including subcontractors extracting...
AxelarDepositService: When wrappedToken is not weth, sendNative may cause users to lose ether.
Lines of code. Vulnerability details. Impact: In the sendNative function of the AxelarDepositService contract, the wrappedToken address is treated as weth-like and the wrappedToken's deposit function is called. If the wrappedToken address is a TokenType.External token and is not weth-like and the...
XC20Wrapper may lose received tokens forever if LocalAsset(xc20).mint reverts indefinitely
Lines of code. Vulnerability details. Impact: XC20Wrapper may lose received tokens forever if LocalAsset(xc20).mint reverts indefinitely. Similar to ERC20, the spec says that if mint returns false it means minting has failed. But it commonly reverts instead of returning false, which is also a minti...
Unprotected _setup function in XERC20Wrapper via Upgradable Contract
Lines of code. Vulnerability details. Impact: If a caller calls the setup function and the address within the IMPLEMENTATION_SLOT does not equal zero, the function will call _setup. The setup function changes the ownership of the contract. Proof of Concept: The Upgradable contract has a setup function...
Call() should be used instead of transfer() on an address payable
Lines of code. Vulnerability details. Impact: The use of the deprecated transfer function for an address will inevitably make the transaction fail when: 1. The withdrawer smart contract does not implement a payable fallback function. 2. The withdrawer smart contract implements a payable fallback...
NameWrapper._transferAndBurnFuses() allows reentrancy on onERC1155Received callback
Lines of code. Vulnerability details. Impact: When calling the internal function _transferAndBurnFuses in NameWrapper.setSubnodeOwner or NameWrapper.setSubnodeRecord, ERC1155Fuse.transfer is called before setFuses, which creates a reentrancy opportunity when newOwner is a contract, which may allow a...
ETHRegistrarController.renew should call NameWrapper.renew
Lines of code. Vulnerability details. Impact: NameWrapper.renew has an onlyController modifier, and ETHRegistrarController should be the controller of NameWrapper; otherwise ETHRegistrarController.register cannot call NameWrapper.registerAndWrapETH2LD. Therefore, ETHRegistrarController.renew should...
Parent domain owner can steal ownership and clear any fuses for any sub-domain if CANNOT_UNWRAP is not burnt on his own domain
Lines of code. Vulnerability details. Impact: There is generally incorrect logic for burning fuses throughout NameWrapper, which allows the parent domain owner to burn subdomain fuses including PARENT_CANNOT_CONTROL regardless of the parent domain's own fuses: only subdomain fuses are checked, parent fuses are...
Collateral limit can be bypassed in auction
Lines of code. Vulnerability details: Collateral limit could be bypassed, allowing more collateral to be auctioned concurrently than intended by governance. // There is a limit on how much collateral can be concurrently put at auction, but it is a soft limit. // If the limit has been surpassed, no...
Validation check for payFYToken and payBase functions to allow only valid users.
Lines of code. Vulnerability details. Impact: This will prevent invalid users from calling the functions. Unnecessary condition verification. Proof of Concept. Tools Used: Manual code review. Recommended Mitigation Steps: At the start of the functions, add a validation check such that only the user who...
Don't trust in reference contracts
Lines of code. Vulnerability details. Impact: The reference contracts don't check anything, and the functions receive a lot of parameters to manipulate the call. Proof of Concept: If somebody approves (ERC20/777/721/1155) the TransferReference contract or uses a delegatecall, the tokens can be stolen...
Migration Module: The assets can be taken by a failed proposal
Lines of code. Vulnerability details. Impact: HIGH - Assets can be stolen directly. When there are multiple proposals for a vault, a failed proposal can withdraw the assets. Proof of Concept: testMultiProposalpoc. The proof of concept shows a scenario where Alice is taking assets. 1. setup:...
function mint() in FERC1155 doesn't follow the checks-effects-interactions pattern; it's possible to call protocol contracts after tokens are minted and before totalSupply is updated
Lines of code. Vulnerability details. Impact: Function mint mints new fractions for an ID and is only callable by VaultRegistry. The code mints tokens, then updates the totalSupply value. When minting, the contract may make an external call to the target address; in that external call the contract state is wrong: tokens are...
Any token approved for the base vault can be stolen
Lines of code. Vulnerability details. Impact: All tokens approved for the BaseVault contract can be stolen by any attacker. The batchDeposit functions lack proper access controls and allow the token source to be an arbitrary address as opposed to restricting it to msg.sender. Since token approvals...
Not updating ethBalance after users cash out in Migration may cause loss of funds
Lines of code. Vulnerability details. Impact: In the Buyout.cash function, users will burn their fractions to cash out ETH. The ETH amount is proportionate to the number of fractions they have. So when someone burns fractions, the total amount of ETH (ethBalance) should be updated accordingly. But in the cash functio...
Distribution of reserved tokens may run out of gas
Lines of code. Vulnerability details. Impact: If there are enough entries in the splits array, the function that distributes the reserved tokens will run out of gas, and the reserved tokens will be un-distributable until the current cycle is over and the splits are changed. If cycles are long, the...
Missing checks on return data from the chainlink
Lines of code. Vulnerability details. Impact: MED - the function of the protocol could be impacted. 1. Use of stale price information resulting in a wrong project balance. 2. In the case of zero price, functions using price information will revert. Proof of Concept: // JBPrices::priceFor at line 69 calls...
Unused deadline checker modifier may result in user fund loss due to unexpected transaction ordering (MEV)
Lines of code Vulne...
baseRatePerBlock not updated when a new base rate is set
Lines of code. Vulnerability details. Impact: When an admin sets a new baseRatePerYear in setBaseRatePerYear, the baseRatePerBlock is not updated. If the deltaBlocks has not passed yet, it will also not be updated when getSupplyRate is called, i.e. a stale value will be returned there. Recommended...
Centralized mint
Lines of code. Vulnerability details. Impact: The mint method is too centralized. Proof of Concept: Using the mint function of ERC20MinterBurnerDecimals, the minter address can mint an arbitrary amount of tokens. If the private key of the owner or minter address is compromised, the attacker will be able...
Deflationary/fee-on-transfer tokens are not supported
Lines of code: Lender.sol#L215, Lender.sol#L337, Lender.sol#L398, Lender.sol#L456, Lender.sol#L521, Lender.sol#L564, Lender.sol#L617. Vulnerability details. Impact: When an amount of underlying tokens is sent to the Lender.sol contract during a lend, the actual amount gained by the contract might not be exactly t...
Illuminate PT redeeming allows for burning from other accounts
Lines of code. Vulnerability details: Illuminate PT burns shares from a user-supplied address (account) instead of the user's own account. With such a discrepancy a malicious user can burn all other users' shares by having the necessary shares on her balance, while burning them from everyone else. Setting th...
Fees should be paid by the user when lend() to Swivel
Lines of code. Vulnerability details: function lend(uint8 p, address u, uint256 m, uint256[] memory a, address y, Swivel.Order[] calldata o, Swivel.Components[] calldata s) public unpaused(p) returns (uint256) { // lent represents the number of underlying tokens lent uint256 lent; // returned represents the...
Sending batch withdrawal requests can possibly DoS
Lines of code. Vulnerability details. Impact: The function BatchRequests.sendWithdrawalRequests allows calling the sendWithdrawalRequests function on all of the Yieldy contracts at once. However, due to the unbounded for loop, if many Yieldy contracts are added to contracts, this function can...
Rug vector for admin of Lender.sol, who can max-approve all principal tokens for any market to themselves without waiting the 3 days
Lines of code. Vulnerability details. Impact: The admin of Lender.sol is authorized to call the function approve, which will grant any address max approval over the principal tokens of a particular market. I assume that this functionality is used to approve the respective redeemer contracts used in...