Rug vector for admin of Lender.sol who can max approve all principal tokens for any market without waiting the 3 days to themselves

Lines of code Vulnerability details Impact The admin of Lender.sol is authorized to call the function approve which will grant any address max approval over the principal tokens of a particular market. I assume that this functionality is used to approve the respective redeemer contracts used in...

No withdrawal possible for ETH TOKE pool

Lines of code Vulnerability details Impact The withdraw function of the ETH Tokemak pool has an additional parameter asEth. This can be seen in the Tokemak Github repository or also when looking at the deployed code of the ETH pool. Compare that to e.g. the USDC pool, which does not have this...

Staking: Attacker can stake very few tokens for others to increase the lock time of others' tokens.

Lines of code Vulnerability details Impact In the stake function of the Staking contract, anyone can stake tokens for others. And each time a token is staked, the lock time of all tokens is increased. This allows an attacker to stake few tokens for others to increase the lock time of others'...

use ECDSA helper library instead of ecrecover

Lines of code Vulnerability details use ECDSA helper library instead of ecrecover the function permit adds approval for a spender for a certain amount of value use of ecrecover to validate signatures without a nonce will allow signatures to be replayed to add additional approvals due to signature...

zeroswap/UniswapV2Pair.sol Token reserves per lp token can be manipulated due to lack of MINIMUM_LIQUIDITY when minting the first liquidity with migrator

Lines of code Vulnerability details if totalSupply == 0 address migrator = IUniswapV2Factoryfactory.migrator; if msg.sender == migrator liquidity = IMigratormigrator.desiredLiquidity; requireliquidity 0 && liquidity != uint256-1, "Bad desired liquidity"; else requiremigrator == address0, "Must no...

MasterChef's emergencyWithdraw can be reentered drawing all lptokens from the contract if pool.lpToken allows for transfer flow control

Lines of code Vulnerability details User's LP funds accounting update in emergencyWithdraw happens after lpToken transfer. If pool.lpToken allows for the control of transfer call flow or can be upgraded to allow it in the future i.e. beforetokentransfer, afterTokenTransfer type of hooks, or an...

Base rate update frequency can be bypassed by an admin

Lines of code Vulnerability details Impact Base rate update frequency can be bypassed by an admin. Above function require updateFrequency blocks to be passed. Proof of Concept function updateBaseRateuint newBaseRatePerYear public // check the current block number uint blockNumber = block.number;...

Functions in CNote.sol are internal instead of external/public

Lines of code Vulnerability details Impact Most of the functions in CNote.sol are internal mutability and have no other locations they are being called. This renders most of the functionalities in the contract to be uncallable. Tools Used Manual review Recommended Mitigation Steps Change to the...

Routers Are Not Enforced To Repay AAVE Portal Loan

Lines of code Vulnerability details Background AAVE Portal AAVE portal provides a trusted credit line that allows bridges to take on an unbacked position, and Connext intents to use this credit line to provide fast-liquidity for its users in the event the routers do not have sufficient liquidity...

Incorrect accounting results in loss of user stake

Lines of code InfinityStaker.solL116-L131 InfinityStaker.solL290-L325 Vulnerability details Impact In InfinityStaker.sol, when calling the unstake function updateUserStakedAmounts is called to readjust the user staked amounts. If a user stakes an amount in a duration and has an already vested amo...

auraBAL can be stuck into the Strategy contract

Lines of code Vulnerability details Impact The internal harvest function defined is responsible to claim auraBAL from the aura locker and within the function it swaps them to auraBAL - BAL/ETH BPT - WETH - AURA, finally it locks AURA to the locker to increase the position. For claiming auraBAL it...

If token == BADGER, the _handleRewardTransfer function does not work

Lines of code MyStrategy.solL405-L413 BaseStrategy.solL346-L353 Vault.solL396-L415 Vulnerability details Impact In MyStrategy.sol, when claiming bribes or sweeping reward tokens, the handleRewardTransfer function is called which calls sendToBadgerTree to send the amount of BADGER in the contract ...

Fee-on-transfer support

Lines of code Vulnerability details Impact Every time transferFrom or transfer function in ERC20 standard is called there is a possibility that underlying smart contract did not transfer the exact amount entered. It is required to find out contract balance increase/decrease after the transfer to...

Deposit and mint function will be rendered useless for users who are depositing using eth since balances will never be finalised

Lines of code Vulnerability details The penultimate function in NotionalV2.batchBalanceAndTradeAction calculates the withdrawals and finalises the balance as mentioned : but the following calculation will revert on an underflow since balanceState.netAssetTransferInternalPrecision is set to 0 in...

Approve Returned Value Not Validated

Lines of code Vulnerability details Proof-of-Concept The approve function attempts to performs an ERC20.approve call, but does not check if the returned value is true Succeed or false Failed. Some tokens do not revert if the approval failed but return false instead. / @dev Approve the given...

Re-entrancy in wfCashERC4626.redeem() can lead to more gains in assets and/or shares

Lines of code Vulnerability details Impact The redeem function in wfCashERC4626.sol can be re-entered at the point of redeemInternal. Assume underlying tokens are sent to receiver after shares are burnt, and user re-enters redeem after redeemInternal is completed., P.S: there's a separate issue o...

deposit through onERC1155Received can be locked by attackers, making the function useless

Lines of code Vulnerability details Impact Disable depositing through onERC1155Receive, potentially breaking all integrations using this function as entry point. Proof of concept An attacker can transfer another fCash position to the wrapper contract, which will trigger ERC1155Actions.transfer ⇒...

Loss of underlying tokens due to ERC4626 non-compliance in withdraw function in wfCashERC4626.sol

Lines of code Vulnerability details Impact The withdraw function in wfCashERC4626 is missing the code that transfers the underlying tokens to the receiver. According to the EIP-4626 standard, withdraw function Burns shares from owner and sends exactly assets of underlying tokens to receiver...

Upgraded Q -> M from 98 [1654475216526]

Judge has assessed an item in Issue 98 as Medium risk. The relevant finding follows: Set Limits on setFee A Malicious owner could set feeRate to = 100 1e18 / 100; which would give the entire value of an exercise transaction to the protocol, create a limit on the fees the owner can set. --- The te...

Upgraded Q -> M from 87 [1654442977298]

Judge has assessed an item in Issue 87 as Medium risk. The relevant finding follows: Issue 3 Low - Some tokens do not allow for Non-Zero to Non-Zero value approvals USDT, for example, will not allow approving a non-zero amount and then approving another non-zero amount. The approval must be reset...

THE FIRST AMM STAKER WILL HAVE CONTROL OVER HOW THE SHARES ARE CALCULATED

Lines of code Vulnerability details Impact The first staker can take control of how the subsequent shares are going to be distributed by simply staking 1wei amount of the token and frontrunning future stakers. The reasons of this are related on how the variables are updated and with the amounts...

execute() and executeWithBatch1155() functions are susceptible to DoS

Lines of code Vulnerability details Impact execute and executeWithBatch1155 are external functions. Both functions run for loops, boundary of which are determined by the function arguments. Anytime there's a loop where the input comes from an external source there's the possibility of unbounded...

uint256 => uint120 silent overflow

Lines of code Vulnerability details When converting a number from uint256 to a smaller type, solidity truncates it without raising errors. In our case, this operation is performed when saving numerator and denominator to the storage variable orderStatusorderHash code link...

Re-entry in BaseRewardPool.sol

Lines of code Vulnerability details Impact An actor who calls withdraw function for an arbitrary amount in his balance, can re-enter this flow again. As a result, he would get at least double rewards than the designed one. Proof of Concept Say an actor has his contract and has staked funds throug...

Bribe.sol Tokens with fee on transfer are not supported

Lines of code Vulnerability details There are ERC20 tokens that charge fee for every transfer or transferFrom. In the current implementation, Bribe.solnotifyRewardAmount assumes that the received amount is the same as the transfer amount, and uses it to calculate reward amounts. As a result, in...

BathToken with initial liquidity of 1 wei causes very expensive share price leading to precision errors and loss of funds

Lines of code Vulnerability details Impact The creator of a new BathToken is able to maliciously manipulate the share price by providing lowest possible amount 1 wei of liquidity initialLiquidityNew and then artificially blowing up the BathToken token balance. Following depositors will loose thei...

Reserve ratio isn't enforced after a trade execution

Lines of code Vulnerability details impact Users could get exposed to higher risk than desired and funds to withdraw from the vault could not be available Proof of Concept The reserve ratio is the parameter that ensures a percentage of the tokens is always available to be withdrawn from a pool by...

Order Overflow

Lines of code Vulnerability details Impact In the partial fill orderStatus calculation, there could be an overflow in the numerator and denominator calculation. This overflow could lead a buyer to buy more NFT/Other tokens than order amount. First example of impact: An NFT seller has two orders:...

ExtraRewardsDistributor deposits don’t work with fee-on transfer tokens

Lines of code Vulnerability details Impact There are ERC20 tokens that may make certain customizations to their ERC20 contracts. One type of these tokens is deflationary tokens that charge a certain fee for every safetransfer or safetransferFrom . Proof of Concept The ExtraRewardsDistributor’s...

ConvexMasterChef: When _lpToken is duplicated, reward calculation is incorrect

Lines of code Vulnerability details Impact Same as IDX-002 in In the ConvexMasterChef contract, a new staking pool can be added using the add function. The staking token for the new pool is defined using the lpToken variable. However, there is no additional checking whether the lpToken is already...

ATB-01M: Inexplicable Capability of Self-Limit Reduction

Lines of code Vulnerability details ATB-01M: Inexplicable Capability of Self-Limit Reduction | File | Lines | Type ---|---|--- AlchemicTokenV2Base.sol | L189-L191 | Access Control Description The mint function is meant to prevent arbitrary amount mints via the totalMinted variable being guarantee...

Unchecked call in _withdrawFromYieldPool

Lines of code GeneralVault.solL100-L128 LidoVault.solL122-L149 Vulnerability details Impact In the withdrawFromYieldPool function in LidoVault.sol, the receivedETHAmount value is returned before the sent value for the call function is checked on line 142. When withdrawCollateral is called in...

TokenType mismatch with true type can be exploited to steal funds

Lines of code Vulnerability details A vault can be created for different TokenTypes, namely ERC20 and ERC721. These tokens have different logic, so a user needs to pass the type of the underlying token when creating a vault. At the end of createVault the user's tokens are pulled into the contract...

The sendToCosmos function does not check for transfer-on-fee/deflationary tokens

Lines of code Gravity.solL595-L609 Vulnerability details Impact The documentation describes the use of tokens other than CUDOS in the Gravity.sol contract; so it is assumed that the CUDOS token will not be the only supported token. The documentation also states that validators on the Tendermint...

SpeedBumpPriceGate.sol has high likelyhood of overcharging buyer during decay phase

Lines of code Vulnerability details Impact Contract overcharges user Proof of Concept L79 passes through the entire ether balance sent. Since price decays each block it is likely that the transaction won't be processed during the same block that it was submitted. In situations like this the price...

Missing ERC20 return value check in MerkleVesting#withdraw

Lines of code Vulnerability details MerkleVestingwithdraw does not check the return value of the token withdrawal on line 173. If an ERC20 token returns false to indicate a failed transfer but does not revert, this transfer will silently fail but the withdrawal amount will still be deducted from...

Protocol unusable for some ERC20 tokens (bad tokens)

Lines of code Vulnerability details Impact Protocol unusable for some ERC20 tokens bad tokens PoC Some tokens don't correctly implement the EIP20 standard and their transfer/transferFrom return void The so called bad tokens. More info This makes the transaction revert when calling. Recommended Us...

Avoid payable.transfer

Originally submitted by warden horsefacts in 199, duplicate of 52. Avoid payable.transfer EthPool and EthVault both use payableaddress.transfer to transfer ETH. It's considered a best practice to avoid this pattern for ETH transfers, since it forwards a fixed amount of gas and may revert if futur...

PermissionlessBasicPoolFactory's pools with fee on transfer tokens can be emptied by repetitive deposit-withdraws

Lines of code Vulnerability details Griefing attack is possible if pool deposit token is a fee on transfer ERC20 as deposit, withdraw atomic call sequence is allowed with pre-fee token quantity being accounted as deposit amount. Suppose F is a fee on transfer token and the pool with F as deposit...

Creator of the contract could front run tax per capita to 100% of Yield rewards

Lines of code Vulnerability details Impact Contract creator could steal all rewards using frontrunning Proof of Concept When a yield pool is created pool tax is set equal to global tax and funds are sent into the contract to pay for rewards. The contract creator could set tax to 100% in a...

The Contract Should approve(0) first

Originally submitted by warden defsec in 198, duplicate of 178 related to the use of safeApprove. This is upgraded from a QA report to standalone issue because it correctly described the revert when trying to call safeApprove on non-zero allowance. QA report that only describe safeApprove as...

The ownership context is too centralized leaving room for other attack surfaces

Lines of code Vulnerability details Impact The ownership context is too centralized leaving room for other attack surfaces and leaving impression of distrust for the participants. Proof of Concept Almost all of the functions have onlyOwner modifier which allows accessing all the vital points of t...

ERC20 tokens with no return value will fail to transfer

Lines of code Vulnerability details Although the ERC20 standard suggests that a transfer should return true on success, many tokens are non-compliant in this regard including high profile, like USDT . In that case, the .transfer call here will revert even if the transfer is successful, because...

Use Victims Collateral by Frontrunning

Lines of code Vulnerability details Issue: the require statement in requestLoan doesn't check if the one that provides the collateral is the same address that requests the loan Consequences: If an NFT is transferred to the contract by itself, either on accident or preparing to call requestLoan wi...

Inconsistent balance when supplying fee-on transfer tokens

Lines of code Vulnerability details Impact There are ERC20 tokens that may make certain customizations to their ERC20 contracts. One type of these tokens is deflationary tokens that charge a certain fee for every transfer or transferFrom. Proof of Concept AaveV3YieldSource.solL237 Tools Used Manu...

Moral hazard of borrower calling liquidate() and potential Oracle manipulation

Lines of code Vulnerability details Impact In the InceptionVaultsCore contract, the liquidate and liquidatePartial function can be called anyone. This means that the borrower for a specific vaultId can call liquidate or liquidatePartial on his own vault. Furthermore, the project incentivizes...

Users' funds can become locked in the contract

Judge @GalloDaSballo has assessed the 2nd item in QA Report 163 as Medium risk. The relevant finding follows: … Users' funds can become locked in the contract In the withdraw function in ConvexStakingWrapper there's a call to MasterChef's withdraw funciton which uses the safeConcurTransfer functi...

First xERC4626 deposit exploit can break share calculation

Lines of code Vulnerability details Solmate convertToShares function follow the formula: assetDepositAmount totalShareSupply / assetBalanceBeforeDeposit. The share price always return 1:1 with asset token. If everything work normally, share price will slowly increase with time to 1:2 or 1:10 as...

RoleManager.sol: _revokeRole doesn't remove from the _roleMembers[role] set

Lines of code Vulnerability details Impact In the file RoleManager.sol the function revokeRole doesn't remove the account from the roleMembersrole set. This makes getRoleMemberCount wrong for the else part therefore the renounceGovernance require, on the number of governor, useless and risky as...

Oracle data feeds are insufficiently validated

Lines of code Vulnerability details Impact If the oracle price feeds are insufficiently validated, there will be pricing errors leading to the miss-pricing of assets/risk Proof of Concept The code does not verify that answeredInRound = roundID for both cases where an oracle is used, and the...