First liquidity provider can break minting of shares
Lines of code Vulnerability details Impact The attack vector and impact is that users may not receive shares in exchange for their deposits if the total asset amount has been manipulated through a large “donation”. Proof of Concept The attack vector and impact is that users may not receive shares...
Possible to stop trading
Lines of code Vulnerability details Impact It's possible to stop the market due to a division-by-zero exception. It is better to prevent this, because reverting with a missing minAmountOut is clearer than reverting with some error that might be complicated to detect. Proof of Concept There is a change to withdraw a...
Well.shift could suffer from front-running attack
Lines of code Vulnerability details Impact The usage of Well.shift is described in the comment: 2. Using a router with shift: WETH.transfersender=0xUSER, recipient=Well1 1 Call the router, which performs: Well1.shifttokenOut=DAI, recipient=Well2 DAI.transfersender=Well1, recipient=Well2 2...
Flash loan price manipulation in Well.sol
Lines of code Vulnerability details Impact Line 214 of Well.sol calculates the price of tokens to tokens in the pool based on the balances at a single point in time. Pool balances at a single point in time can be manipulated with flash loans, which can skew the numbers to the extreme. The single...
Potential token duplication validation bypass
Lines of code Vulnerability details Impact Potential token duplication validation bypass Proof of Concept The loop statement in init function will check if there is duplicated token for a Well. function initstring memory name, string memory symbol public initializer ERC20Permitinitname;...
Function collision between extension functions and account functions
Lines of code Vulnerability details Impact Users or owner can't use extensions because of collision between extension functions and account functions Proof of Concept Whenever someone calls account it will check for functions inside it, if there isn't function it goes to fallback to check...
Invariants are not checked
Lines of code Vulnerability details Impact Liquidity providers might lose their funds, because wellFunction can be arbitrary. Proof of Concept I've asked publius about wellFunction, and he responded that anyone can create any wellFunction and pass it to the Well. So, let's consider for example...
TWAP can be easily manipulated by attacker through the sync() function, causing loss of funds
Lines of code Vulnerability details Description Please refer to the issue titled Implementation of Well shift function allows attackers to completely manipulate the oracles for relevant introduction and context. The safety of the TWAP relies on calling the observation function update with the...
Possible reentrancy during redemption/swap
Lines of code Vulnerability details Impact Redeemers might charge more collaterals during redemption/swap by the reentrancy attack. Proof of Concept Redeemers can redeem the agToken for collaterals in Redeemer contract and redeem burns the agToken and transfers the collaterals. function redeem...
LACK OF deadline CHECK COULD PROMPT DELAYED EXECUTION OF swap OPERATION
Lines of code Vulnerability details Impact The RewardHandler.sellRewards function is used by governance and trusted sellers to sell reward tokens for collateral tokens. This function ensures that none of the collateral should be decreased after the swap by checking their respective balances befor...
No check for active Arbitrum Sequencer
Lines of code Vulnerability details Impact If the Arbitrum sequencer goes down, the stale ratio will be used during the swap. Proof of Concept readChainlinkFeed gets the price from chainlink oracle and the ratio is used during the swap. function readChainlinkFeed uint256 quoteAmount,...
ARBITARY USER CAN CALL THE SavingsVest.accrue FUNCTION MULTIPLE TIMES BEFORE THE updateDelay PERIOD HAS ELAPSED
Lines of code Vulnerability details Impact In the SavingsVest contract the updateDelay variable is defined. This variable is used to refer the minimum time between two calls to the accrue function. This is implemented in the SavingsVest.accrue function as follows: if block.timestamp - lastUpdate...
getMerkleRoot() might return an unconfirmed root.
Lines of code Vulnerability details Impact Users might claim rewards using an unconfirmed merkle root. Proof of Concept getMerkleRoot returns the merkle root to claim the rewards. function getMerkleRoot public view returns bytes32 if block.timestamp = endOfDisputePeriod return tree.merkleRoot; el...
Liquidity providers may lose funds when initialising a strategy
Lines of code Vulnerability details Summary Liquidity providers may lose funds when initialising a strategy Vulnerability Detail Liquidity providers may lose a portion of provided liquidity in either of the pair tokens when creating a new position. The init function on TalosBaseStrategy.sol does...
Interactions with Pool do not use valid deadlines for operations
Lines of code Vulnerability details Impact Miner can potentially hold the transaction which results in loss of funds for users. Proof of Concept File: TalosBaseStrategy.sol liquidityDifference, amount0, amount1 = nonfungiblePositionManager.increaseLiquidity...
Reward claimers can claim rewards multiple times
Lines of code Vulnerability details Impact Reward claimers can call the get accrued reward function multiple times and maybe even drain the contract Proof of Concept As we can see there’s no check setting the accrued reward to zero after the rewards have been transferred Tools Used Manual review...
Potential Integer Underflow/Overflow: The code uses the SafeCastLib library for type conversions, but it does not handle potential underflow or overflow situations.
Lines of code Vulnerability details Impact The potential integer underflow/overflow vulnerability in the code can lead to incorrect calculations, unexpected behavior, and potential security issues. Proof of Concept In the provided code, there are a few areas where potential integer...
Incorrect usage of Comparison Operator (==) instead of Assignment Operator (=) in PartnerManagerFactory
Lines of code Vulnerability details Impact The incorrect usage of comparison operator instead of an assignment operator in addPartner and addVault functions could lead to undesirable behaviour. While the mapping partnerIds and vaultIds are supposed to keep track of the IDs, due to the error, thes...
Incorrect Use of Equality Operator in addPartner and addVault Functions
Lines of code Vulnerability details Impact The addPartner and addVault functions in the PartnerManagerFactory contract are intended to add new partner managers and vaults respectively. These functions also assign a unique ID to each new partner manager and vault by storing them in the partnerIds...
[H] Users can withdraw more tokens than they have staked
Lines of code Vulnerability details Impact Users can withdraw more tokens than they have staked from the contract. In stakerewardV2pool, there is no check to stop a user from withdrawing more tokens than they have staked. The tokens are simply subtracted from the user's balance and from the total...
The _spendAllowance function in EUSD contract is labeled as virtual and can be overridden with malicious code
Lines of code Vulnerability details Impact The _spendAllowance function is labeled as virtual, so it can be overridden by malicious code Proof of Concept The attacker could modify the _spendAllowance function to only call the approve function of the same contract, which is internal and can pass max...
Users with a bad collateralization ratio from either rebase/non-rebase vault can bypass liquidation
Lines of code Vulnerability details Impact Users with an unsafe collateralization ratio who are supposed to be liquidated can manipulate the rigidRedemption feature to bypass the liquidation. From the code above it's noted that as a rigidRedemption provider one can put their collateral amou...
[M] Mining rewards are not distributed to users
Lines of code Vulnerability details Impact Expected mining rewards in distributeRewards are not distributed due to a revert in purchaseOtherEarnings. Proof of Concept A missing mintVault implementation in transferFrom will inevitably cause a revert in purchaseOtherEarnings. This means expected...
[M] Hardcoded address will not remain consistent across other chains
Lines of code Vulnerability details Impact The hardcoded address for the LBR token will not remain consistent across other chains, such as Polygon, Avalanche, Arbitrum and BSC for example. IEUSD0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2.balanceOfethlbrLpToken Proof of Concept Hardcoding the addre...
Exploiter can avoid negative Lido rebases stealing funds from EUSD vaults
Lines of code Vulnerability details Description Lybra keeps the exact amount of collateral as deposited ignoring any lido rebases. That allows malicious users to sandwich negative rebase transactions with depositing and withdrawing their stETH saving the exact amount as before negative rebase. Th...
Missing store revert in case of erc20 conversion error can lead to loss of funds
Lines of code Vulnerability details Impact The module is expected to have no changes in case a erc20 conversion failed. It was implemented by swallowing the error with a log and continuing with the flow finishing the IBC transfer. This is the relevant code section: if , err =...
Incorrect setting of EthIBCDenom invalidates risk management limits
Lines of code Vulnerability details Impact In the documentation, it is stated that: For risk management purposes, a swap will fail if the input coin amount exceeds a pre-defined limit 10 USDC, 10 USDT, 0.01 ETH or if the swap amount limit is not defined. However, in the code it defined as:...
D
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Tools Used Recommended Mitigation Steps Assessed...
Upgraded Q -> 2 from #112 [1686922871117]
Judge has assessed an item in Issue 112 as 2 risk. The relevant finding follows: | | Issue | Instances ---|---|--- M-1 | Centralization Risk for trusted owners | 19 M-1 Centralization Risk for trusted owners Impact: Contracts have owners with privileged rights to perform admin tasks and need to b...
Upgraded Q -> 2 from #327 [1686724891862]
Judge has assessed an item in Issue 327 as 2 risk. The relevant finding follows: L-04 addBid does not increment the endBlock of the auction when it is close to the end, preventing the protocol from capturing extra value When an Auction is created, it sets a lotItem.endBlock. This value remains...
Upgraded Q -> 2 from #130 [1686726021314]
Judge has assessed an item in Issue 130 as 2 risk. The relevant finding follows: Possible Infinite Loops If the condition triggers the continue, then the loop variable does not get incremented. The condition never changes, as the same condition is checked over and over again, resulting in an...
Blacklisted Address Can Exploit the Exchange
Lines of code Vulnerability details Impact Addresses that are blacklisted for popular ERC20 tokens such as USDC, USDT can be leveraged to exploit the exchange in a number of ways. These addresses cannot be liquidated in any case where they would be transferred back a leftover collateral amount in...
Accidentally setting expirationPeriod to Zero will cause all actions execution to Fail.
Lines of code Vulnerability details Description During action execution, when a user calls executeAction the function calls getActionState to get the current state of the action; if this action is queued successfully and the disapproval check passed, the function checks if the action expired by...
Challenger can change the output root or delete output root arbitrarily to authorize invalid withdrawal or block withdrawal infinitely
Lines of code Vulnerability details Impact Challenger can change the output root or delete the output root arbitrarily Proof of Concept In OptimismPortal.sol, when proving and finalizing the transaction, the output root needs to be verified // Grab the OutputProposal from the L2OutputOracle, will...
Auction DOS
Lines of code Vulnerability details Impact All auction functions are under a potential DOS or exploitability vulnerability. A 2 day duration is added to the current block.number when creating a lot. This introduces a critical flaw: adding 2 * 86400 (correct value of 2 days) / 27200 (wrong value used in...
Technically the seven days period is not guaranteed and it's possible for the challenger to delete a withdrawal even if it hasn't been challenged during the seven days
Lines of code Vulnerability details Proof of Concept There's an existing logic to prevent the CHALLENGER from deleting a l2Output after the finalization period has ended. This is done to prevent having user withdrawals blocked after the finalization period has elapsed without challenges. The...
UNJUSTIFIED ZERO INDEX VALIDATION HINDERS INDEX VALUE OF 0
Lines of code Vulnerability details Impact SocializingPool.verifyProof currently incorporates a zero index check which blocks the entry of an index value of 0. While this check is designed to prevent the use of invalid index values, it inadvertently prohibits the valid index value of 0. This may...
Individual nodes can manipulate sdPriceInETH to be any value inside StaderOracle#submitSDPrice
Lines of code Vulnerability details Trusted nodes can submit their attested ethereum price by calling StaderOraclesubmitSDPrice. Once a 66% majority of nodes submit a price for a specific block number, the new sdPriceData will be set to the median of the submitted prices. function...
Oracle timeout at rebalance will result in a sell-off of all RSRs at 0 price
Lines of code Vulnerability details When creating the trade for rebalance, RecollateralizationLibP1.nextTradePair uses (uint192 low, uint192 high) = rsrAsset.price(); // UoA/tok to get the RSR sell price. The RSR asset is a pure Asset contract, whose price function will just return 0, FIXMA...
Recipient address is not appropriately validated or sanitized in the BaseFeeVault contract (loss of funds)
Lines of code Vulnerability details Impact If the recipient address is not properly validated, an attacker could supply a malicious address as the recipient. This could result in the accumulated fees being sent to an unintended or unauthorized party. It could lead to financial loss or disruption ...
PoolSelector.computePoolAllocationForDeposit could return an unfair value.
Lines of code Vulnerability details Impact When calling StaderStakePoolsManager.validatorBatchDeposit, it calls PoolSelector.computePoolAllocationForDeposit to get the validator count to deposit for the pool. It calculates the count based on the capacity and the weight of the pool. However,...
Attacker can frontrun user bid with wrong lotId and create the lot with that lotId, forcing the user to take a big loss
Lines of code Vulnerability details Impact User takes a huge loss by getting 1 SD token, but bidding an amount possibly much bigger. Attackers are incentivized to perform this if they are ETHx holders and want to increase the value of their tokens. Proof of Concept When a user adds a bid to the...
New treasury rate should not affect existing loan
Lines of code Vulnerability details Impact In the protocol, lenders have to pay a small treasury fee when they claim their interest. The contract owner can change this treasuryRate at any time using the function setTreasuryRate. // @audit treasury rate should not affect existing loan function...
ParticleExchange.auctionBuyNft and ParticleExchange.withdrawEthWithInterest function calls can be DOS'ed
Lines of code Vulnerability details Impact When lien.borrower is a contract, its receive function can be coded to conditionally revert based on a state boolean variable controlled by lien.borrower's owner. As long as payback 0 is true, lien.borrower's receive function would be called when calling...
Unspent WETH is not considered in buyNftFromMarket()
Lines of code Vulnerability details Unspent WETH is not considered in buyNftFromMarket Impact In the buyNftFromMarket function, the borrower buys an NFT in order to repay and close their loan. The purchase is executed in the internal function named execBuyNftFromMarket. 395: function...
Users can bypass distributions fees by ragequitting instead of using a formal distribution
Lines of code Vulnerability details Impact Distribution fees can be bypassed by ragequitting instead of distributing Proof of Concept address payable feeRecipient = feeRecipient; uint16 feeBps = feeBps; if tokenType == ITokenDistributor.TokenType.Native return distributor.createNativeDistribution...
Recovery transaction can be replayed after a cancellation
Lines of code Vulnerability details Recovery transaction can be replayed after a cancellation The recovery transaction can be replayed after a cancellation of the recovery procedure, reinstating the recovery mechanism. Impact The Ambire wallet provides a recovery mechanism in which a privilege ca...
Arbitrary reservedRate value will cause the next swap to be wrongly executed
Lines of code Vulnerability details Impact The "payParams" function sets the variable reservedRate without checking the effective value of that param; in fact, if someone decides to call the "payParams" function passing as data.reservedRate a number of 10k, the next swap will...
M-01 Unmitigated
Lines of code L1 Vulnerability details Confirmed
Anyone can front-run didPay by calling payParams to grief swaps and mints
Lines of code Vulnerability details Impact The payParams function in the IJBPayDelegate contract does not currently have any form of access control implemented. This could allow a malicious user to manipulate the mintedAmount and reservedRate state variable, which can interfere with the correct...