Missing ERC20 return value check in MerkleVesting#withdraw
Lines of code Vulnerability details MerkleVesting#withdraw does not check the return value of the token withdrawal on line 173. If an ERC20 token returns false to indicate a failed transfer but does not revert, this transfer will silently fail but the withdrawal amount will still be deducted from...
The Contract Should approve(0) first
Originally submitted by warden defsec in 198, duplicate of 178 related to the use of safeApprove. This is upgraded from a QA report to a standalone issue because it correctly described the revert when trying to call safeApprove on a non-zero allowance. QA reports that only describe safeApprove as...
User can call liquidate() and steal all collateral due to arbitrary router call
Lines of code Vulnerability details Impact A malicious user is able to steal all collateral of an unhealthy position in PARMinerV2.sol. The code for the liquidate function is written so that the following steps are followed: User calls PARMinerV2.liquidate PARMinerV2 performs the liquidation with...
GUniLPOracle can provide stale prices
Lines of code Vulnerability details As staleness is determined by assetUpdatedAt, which is the time since the last timestamp, the price that is most recent but wasn't updated for more than the threshold will be rejected, which makes the system unavailable in such a case. At the same time a real stale price...
ERC20 tokens with no return value will fail to transfer
Lines of code Vulnerability details Although the ERC20 standard suggests that a transfer should return true on success, many tokens are non-compliant in this regard, including high-profile ones like USDT. In that case, the .transfer call here will revert even if the transfer is successful, because...
Inconsistent balance when supplying fee-on transfer tokens
Lines of code Vulnerability details Impact There are ERC20 tokens that may make certain customizations to their ERC20 contracts. One type of these tokens is deflationary tokens that charge a certain fee for every transfer or transferFrom. Proof of Concept AaveV3YieldSource.sol#L237 Tools Used Manu...
Oracle failure allows NFT to be stolen
Lines of code Vulnerability details Impact Any temporary failure in an oracle relaying a price allows the NFT collateral to be removed by the lender, even if the value of the NFT is still far above the agreed-upon liquidation value. Considering that oracle price retrieval failure is accounted for...
Use Victims Collateral by Frontrunning
Lines of code Vulnerability details Issue: the require statement in requestLoan doesn't check if the one that provides the collateral is the same address that requests the loan Consequences: If an NFT is transferred to the contract by itself, either on accident or preparing to call requestLoan wi...
Moral hazard of borrower calling liquidate() and potential Oracle manipulation
Lines of code Vulnerability details Impact In the InceptionVaultsCore contract, the liquidate and liquidatePartial functions can be called by anyone. This means that the borrower for a specific vaultId can call liquidate or liquidatePartial on his own vault. Furthermore, the project incentivizes...
Customers cannot be topUp()ed a second time
Lines of code Vulnerability details OpenZeppelin's safeApprove will revert if the account is already approved and the new safeApprove is done with a non-zero value: function safeApprove(IERC20 token, address spender, uint256 value) internal { // safeApprove should only be called when setting an initi...
Oracle data feeds are insufficiently validated
Lines of code Vulnerability details Impact If the oracle price feeds are insufficiently validated, there will be pricing errors leading to the mispricing of assets/risk. Proof of Concept The code does not verify that answeredInRound >= roundID for both cases where an oracle is used, and the...
_revokeRole doesn't remove account from roleMember set
Lines of code Vulnerability details Impact The function doesn't remove the address from the _roleMembers[role] set, which will mess up the roleCount. Proof of Concept Tools Used Recommended Mitigation Steps _roles[role].members[account] = false; _roleMembers[role].remove(account);
RoleManager.sol: _revokeRole doesn't remove from the _roleMembers[role] set
Lines of code Vulnerability details Impact In the file RoleManager.sol the function _revokeRole doesn't remove the account from the _roleMembers[role] set. This makes getRoleMemberCount wrong for the else part, therefore the renounceGovernance require on the number of governors is useless and risky as...
Attacker can cause minter to lose his funds by calling sync() between deposit and mint()
Lines of code Vulnerability details Impact All funds will be lost. Proof of Concept To mint new index tokens, underlying tokens need to be deposited in Vtoken.sol and then the mint function is called. The mint function does balance - previousBalance to calculate the tokens that were deposited. The previous...
Chainlink's latestRoundData might return stale or incorrect results
Lines of code Vulnerability details Impact In ChainlinkPriceOracle.sol, latestRoundData is used but there is no check if the return value indicates stale data. This could lead to stale prices according to the Chainlink documentation: Proof of Concept ChainlinkPriceOracle.sol#L83...
Staked Citadel function balance and reportHarvest
Lines of code Vulnerability details Impact In the StakedCitadel...
Improper Validation Of Chainlink's latestRoundData Function
Lines of code Vulnerability details Impact When using Chainlink Price Feeds, it is important to ensure the price feed data was updated recently. While getting started with Chainlink requires just one line of code, it is best to add additional checks for "in production" environments. Here,...
JPEGLock.lockFor can relock for a specific NFT, which overwrites the previous lock and causes the locker to lose JPEG
Lines of code Vulnerability details Impact NFTVault contract allows anyone to finalize a pending NFT value proposal by calling the finalizePendingNFTValueETH function. A finalizer must lock an equivalent amount of JPEG tokens to the proposed NFT value in JPEGLock, and can only withdraw those toke...
Use latestRoundData instead of latestAnswer of Chainlink aggregators
Lines of code Vulnerability details Impact Using latestAnswer in vaults/NFTVault.sol may return a stale ETH price in USD (ethPriceUSD), a stale value in ETH of the NFT (getNFTValueETH), a stale JPEG price in USD (jpegPriceUSD), and also a stale USD price of one unit of collateral asset (collateralPriceUsd) of...
FungibleAssetVaultForDAO: Use latestRoundData + validate data freshness
Lines of code Vulnerability details Details & Impact The deprecated latestAnswer API is being used, which may at any time fail to work if Chainlink ends support for it. In addition, the data freshness should be checked. The oracle could, for example, not have been updated in a while, causing...
NonCustodialPSM.mint and redeem using mint control buffer in the inverted way
Lines of code Vulnerability details Impact Now there is no control of VOLT's issuance. For example, super fast VOLT mining is allowed, while mint control buffer will sit capped at its bufferCap, not affecting anything. This way mint speed control is disabled. The issue is that NonCustodialPSM.min...
Re-entrancy danger in PCVDeposit
Lines of code Vulnerability details Impact A malicious contract can empty the whole system if it receives ETH through the function withdrawETH. The onlyPCVController calls this function and sends ETH to the malicious contract, and then the malicious contract can use delegatecall and pretend to be onlyPCVController, a...
PaladinRewardReserve.sol may have potential bugs if it uses new tokens as rewards
Lines of code Vulnerability details Impact PaladinRewardReserve.sol may have potential bugs if it uses new tokens as rewards. Proof of Concept Currently, PaladinRewardReserve.sol has the following behaviors: mapping(address => bool) public approvedSpenders does not store the info regarding which token i...
STORAGE COLLISION BETWEEN PROXY AND IMPLEMENTATION (LACK EIP 1967)
Lines of code Vulnerability details Impact A storage collision because of the lack of EIP-1967 could cause conflicts and override sensitive variables. Proof of Concept contract CoreProxy is Ownable { address private immutable implement; ... When you implement proxies, logic and implementation share the same...
One co-creator with a small share can get 100% of the funds in the splitter
Lines of code Vulnerability details Impact One co-creator with a small share can get 100% of the funds by calling the incrementWindow function from an attacker contract that mimics RoyaltyVault. He can then create one or multiple fake windows and claim them to get the full balance of the splitter...
DoS: Attacker May Front-Run CoreFactory.createProject() Or CoreFactory.addCollection() With A collection.id Causing Future Transactions With The Same collection.id to Revert
Lines of code Vulnerability details Impact A collection.id may only be used once in CoreFactory.createCollection, since the contract is deployed using the create2 opcode and a repeated salt and contract bytecode will fail to deploy a contract. Furthermore, the modifier onlyAvailableCollection...
_withdrawLiquidity() is Not Consistent With start()
Lines of code Vulnerability details Impact _withdrawLiquidity details a number of scenarios under which a user may withdraw their liquidity. The first two scenarios outline cases where the credit line has either been cancelled by the borrower or insufficient assets have been lent out to the pool b...
approve and safeApprove Should Approve the Zero Amount First
Lines of code Vulnerability details Impact The PooledCreditLine.sol and LenderPool.sol contracts approve the strategy contract on the collateral or borrow assets before depositing funds. This allows the strategy contracts to transfer on behalf of these contracts, pulling assets out from the pool...
[WP-H10] GenericSwapFacet.sol#swapTokensGeneric() duplicated .call{ value: msg.value } makes it possible for the attacker to steal native tokens (ETH) from the contract
Lines of code Vulnerability details function swapTokensGeneric(LiFiData memory lifiData, LibSwap.SwapData calldata swapData) public payable { uint256 receivingAssetIdBalance = LibAsset.getOwnBalance(lifiData.receivingAssetId); // Swap executeSwaps(lifiData, swapData); uint256 postSwapBalance =...
if msg.value > amount, then the extra ETH is not transferred back to the user
Lines of code Vulnerability details Impact If msg.value > amount, there is no mechanism to send the extra ETH back, so the user will lose the extra. Proof of Concept function startBridgeTokensViaCBridge(LiFiData memory lifiData, CBridgeData calldata cBridgeData) public payable { if (cBridgeData.token !=...
Swap Functions Do Not Verify Final Token Matches The Swapped Token
Lines of code Vulnerability details Impact When calling Swapper.executeSwaps there are no checks to ensure the received token matches the final swapped token. If these are different it may result in user funds being locked in the contract. This issue is present in each of the following functions:...
Lack of checks between _swapData and _lifiData could lead to loss of funds and reputation risk.
Lines of code LibSwap.swap swapTokensGeneric Vulnerability details Impact Users could input incongruent values for lifiData and swapData, leading to a swap not being processed correctly and users not getting any of the expected lifiData.receivingAssetId. It can also damage reputation because LiFi...
Incorrect implementation of Lender can result in lost tokens
Lines of code Vulnerability details Impact MapleLoanInternals.sendFee should check returnData.length == 32 before decoding, otherwise if it returns bytes data, the abi.decode will return 0x20, result in lost tokens. Proof of Concept This contract can test that when the function returns bytes data...
Inconsistency behavior between bAsset tokens and the standard cw20 tokens
Lines of code Vulnerability details Impact The implementation of the send function of bAsset tokens is inconsistent with the standard cw20's implementation. In the standard implementation, the msg and the transfer amount are passed to the recipient contract as a regular message. However, in the...
[WP-H3] money-market-contracts/oracle#feed_prices() delayed transaction may disrupt price feeds
Lines of code Vulnerability details The implementation only takes two attributes: asset and price. And the last_updated_time of the record will always be set to the current block.time. This makes it possible for the price feeds to be disrupted when the network is congested, or the endpoint is down...
Simple interest calculation is not exact
Lines of code Vulnerability details Impact The borrow rate uses a simple interest formula to compute the accrued debt, instead of a compounding formula. pub fn compute_interest_raw(state: &mut State, block_height: u64, balance: Uint256, aterra_supply: Uint256, borrow_rate: Decimal256, target_deposit_rat...
Rewards can be stolen from contract
Lines of code Vulnerability details It was observed that execute_claim_rewards/execute_decrease_balance/execute_increase_balance fail to update the global index before calculating user rewards in the anchor_basset_reward contract. This can lead to serious consequences: 1. The execute_increase_balance functio...
Miners Can Manipulate tx.gasprice to Drain Users' Wallets in postIncomingMessages()
Lines of code Vulnerability details Impact The postIncomingMessages function is used to broadcast signed data indicating that funds on an schain will be moved to mainnet. While the function performs proper signature verification, it doesn't prevent any arbitrary user from frontrunning the...
Nodes can drain SKALE chain owners' wallets
Lines of code Vulnerability details The contest code does a good job of preventing users from withdrawing too quickly or attempting to do things without funds for gas. The nodes themselves however are not as well-secured. Impact By monitoring the values of headerMessageGasCost and messageGasCost...
Fees Are Incorrectly Charged on Unfinalized NFT Sales
Lines of code Vulnerability details Impact Once an auction has ended, the highest bidder now has sole rights to the underlying NFT. By finalizing the auction, fees are charged on the sale and the NFT is transferred to auction.bidder. However, if auction.bidder accepts an offer before finalization...
LockedBalance library should drop parameters to 96/32 bits
Lines of code Vulnerability details Impact The LockedBalance contract takes 256-bit amount values but performs bit math on them as if they were 96-bit values. Bits could spill over to a different locked balance in the else part. lockedBalance stores two 128-bit locked balances in one 256-bit stora...
Fee-on-transfer/rebalancing tokens are not supported
Lines of code Vulnerability details Impact Some ERC20 tokens make modifications to their ERC20's transfer or balanceOf functions. One type of these tokens is deflationary tokens that charge a certain fee for every transfer or transferFrom. Others are rebasing tokens that increase in value over ti...
QA Report
Low and non-critical bugs Wrong implementation of ERC4626RouterBase's withdraw function In the interface we can see the function description: /// @notice withdraw amount from an ERC4626 vault. /// @param vault The ERC4626 vault to withdraw assets from. /// @param to The destination of assets. /// @param amount...
[WP-M2] Wrong implementation of TurboSafe.sol#less() may cause boosted record value in TurboMaster bigger than actual lead to BoostCapForVault and BoostCapForCollateral to be permanently occupied
Lines of code Vulnerability details // Get out current amount of Fei debt in the Turbo Fuse Pool. uint256 feiDebt = feiTurboCToken.borrowBalanceCurrent(address(this)); // If our debt balance decreased, repay the minimum. // The surplus Fei will accrue as fees and can be sweeped. if feiAmount feiDebt...
[WP-M3] TurboRouter.sol#createSafeAndDeposit*() CreateSafeAndDeposit combo methods won't work as an allowance cannot be granted to a newly created Safe for deposit
Lines of code Vulnerability details The TurboRouter.sol#deposit function can be used in a multicall together with approve and pullToken from PeripheryPayments to pull tokens from msg.sender and grant allowance for the ERC4626 Safe to call asset.safeTransferFrom with the msg.sender being the router...
VUSD.processWithdrawals() Can Be Filled With Empty Withdrawals
Lines of code Vulnerability details Impact The processWithdrawals function intends to allow for users to finalise their withdrawal in a canonical fashion. By enforcing the order of withdrawals, the protocol can ensure that users are paid out fairly. However, because the function only allows for...
Liquidation is vulnerable to sandwich attacks
Lines of code Vulnerability details When an account is liquidated, there is no minimum amount for the swap, which makes it vulnerable to sandwich attacks. Proof of Concept Alice's long position can be liquidated; Bob notices it and creates a short position, then liquidates her position, thus...
Attacker can DOS VUSD withdrawal by spamming withdrawals of zero tokens
Lines of code Vulnerability details Impact By spamming withdrawal requests of 0, the user can clog the withdrawal queue. For anybody to withdraw their funds somebody has to first unclog it by running processWithdrawal. Depending on the number of spam withdrawals, potentially multiple times. Since...
TurboSafe - should override maxWithdraw and maxRedeem
Lines of code Vulnerability details Impact Considering the EIP, as withdraw must revert if it is not possible to withdraw assets, it is important to have an accurate maxWithdraw function. However, here, maxWithdraw does not account for the current max withdrawal in the cToken contract. Liquidit...
Griefing attack at VUSD withdraw queue is possible
Lines of code Vulnerability details Impact A malicious user can make lots of withdrawal requests to fill up the queue, making VUSD withdrawals unreachable for all other users. Proof of Concept There is no control of the size or number of the withdrawal requests, and VUSD will burn even a 1 wei amoun...