10190 matches found
Integer overflow can affect router balances
Lines of code Vulnerability details Impact Integer overflow can affect router balances. Proof of Concept The repayAavePortal method of the PortalFacet contract subtracts the balance within an unchecked region, but this balance is not checked beforehand to be greater than the amountIn. unchecked...
No Slippage Protection During Redeeming Matured Positions
Lines of code Vulnerability details Proof-of-Concept The lack of slippage checks can cause redemption of matured positions to happen at a bad rate/prices, resulting in the trade receiving fewer tokens than the fair market rate/price. The NotionalTradeModule.redeemMaturedPositions function calls the...
IsWrappedFcash check is a gas bomb
Lines of code Vulnerability details Impact In the isWrappedFCash check, the notionalTradeModule checks whether the component is a wrappedCash with the following logic. try IWrappedfCashfCashPosition.getDecodedID returnsuint16 currencyId, uint40 maturity try...
Upgraded Q -> M from 137 [1654449389324]
Judge has assessed an item in Issue 137 as Medium risk. The relevant finding follows: It does not even check the return value and a low-level call succeeds if the address is empty or non-existent. dexMapping is a manually operated config so it may not contain info for all collateral tokens, and i...
Minter.sol#_executeInflationRateUpdate() inflationManager().checkpointAllGauges() is called after InflationRate is updated, causing users to lose rewards
Lines of code Vulnerability details When Minter.sol#_executeInflationRateUpdate is called, if an INFLATIONDECAYPERIOD has passed since lastInflationDecay, it will update the InflationRate for all of the gauges. However, in the current implementation, the rates will be updated first, followed by the...
Bad use of safeApprove
Lines of code Vulnerability details Impact Function deposit in booster could revert when stake option is true if the contract has an allowance of the token for rewarcontract 0. The same in many contracts but in VE3DRewardPool.sol a user can get his rewards blocked. Proof of Concept If the contrac...
Value Overflow in FulfillmentApplier.sol
Lines of code Vulnerability details Value Overflow in FulfillmentApplier.sol Repo commit referenced: 49799ce156d979132c9924a739ae45a38b39ecdd Impact In aggregateValidFulfillmentOfferItems Line 274 and aggregateValidFulfillmentConsiderationItems Line 571 a variable errorBuffer has been defined as ...
No way to close multiple channels - Under attack scenario
Lines of code Vulnerability details Impact = Currently contract has no functionality to close multiple channels = In case multiple open channels are performing maliciously, owner has to individually call updateChannel to close those channel = Closing channels one by one will be time consuming and...
Cancelled orders cannot be valid again
Lines of code Vulnerability details Impact The validate function will call the verifyOrderStatus function. When orderStatus.isCancelled == true, the canceled order cannot be set as valid. function verifyOrderStatus bytes32 orderHash, OrderStatus memory orderStatus, bool onlyAllowUnused, bool...
Anyone can add Gauge reward tokens and cause DoS
Lines of code Vulnerability details Impact The Gauge.notifyRewardAmount function does not have any access restriction. Anyone (an attacker) can frontrun and call this function to add arbitrary (even malicious) gauge reward tokens up to MAXREWARDTOKENS = 16. An attacker is able to frontrun and add 16...
External contract calls inside loops may result in DoS.
Lines of code Vulnerability details Impact Calls to external contracts inside a loop are dangerous especially if the loop index can be user-controlled because it could lead to DoS if one of the calls reverts or execution runs out of gas. Reference Proof of Concept for uint i = 0; i 0...
_writeCheckpoint() in Gauge use wrong index to get prevVoteStatus
Lines of code Vulnerability details Impact All the Voting values calculated by writeCheckpoint when it's not first checkpoint is going to set to False instead of account's last vote and because vote has been used in earned and reward calculation so reward distribution is going to be wrong too...
BathToken uninitialized rewardsVestingWallet leading to loss of funds
Lines of code Vulnerability details Impact Contract BathToken.sol implements distributeBonusTokenRewards function that allows distributing non-underlying bath token incentives to pool withdrawers. In case of rewardsVestingWallet being set implementation triggers release function of...
User rewards stop accruing after any _writeCheckpoint calling action
Lines of code Vulnerability details Any user balance affecting action, i.e. deposit, withdraw/withdrawToken or getReward, calls writeCheckpoint to update the balance records used for the earned reward estimation. The issue is that writeCheckpoint always sets false to voted flag for the each new...
massUpdatePools() is susceptible to DoS with block gas limit
Lines of code Vulnerability details Impact massUpdatePools is a public function and it calls the updatePool function for the length of poolInfo. Hence, it is an unbounded loop, depending on the length of poolInfo. If poolInfo.length is big enough, block gas limit may be hit. Proof of Concept Tool...
Rounding-error can be redeemed for free
Originally part of a QA report by gzeon 59 Rounding-error can be redeemed for free If the redeemAmount is 0 but less than the value of 1 share, 0 share will be burned while the user can withdraw non-zero amount. uint256 shares = tokenToSharesredeemAmount;
AuraLocker.sol lock() can be used to dos user
Lines of code Vulnerability details Impact User funds permanently stuck in AuraLocker Proof of Concept The lock function allows anyone to deposit and lock tokens for another address. If the most recent lock is not expired, it pushes a new lock to the array of locks for that user in the following...
[WP-H3] Lack of liquidation makes it possible for alToken to be undercollateralized
Lines of code Vulnerability details function liquidate address yieldToken, uint256 shares, uint256 minimumAmountOut external override lock returns uint256 onlyWhitelisted; checkArgumentshares 0; YieldTokenParams storage yieldTokenParams = yieldTokensyieldToken; address underlyingToken =...
Exchange Rate Race Condition
Lines of code Vulnerability details GAX-01M: Exchange Rate Race Condition | File | Lines | Type ---|---|--- gALCX.sol | L69-L81 | Improper State Assumption Description The gALCX contains a race condition whereby whenever the contract has no stakes such as when the contract is first deployed the...
YieldManager: Uniswap token swaps through fixed path may break yield distribution
Lines of code Vulnerability details Details & Impact All harvested yield tokens are swapped through the Uniswap adapter to USDC. While out of scope, the Uniswap adapter code is relevant here, as I note that the path taken for the swap would be assetFrom - WETH - assetTo unless assetFrom is alread...
[LidoVault.sol][_withdrawFromYieldPool] Should not call return receivedETHAmount before the require check
Lines of code Vulnerability details Impact It is possible that users cannot receive ETH if sending ETH to users is not successful because the require check is unreachable. Proof of Concept withdrawFromYieldPool function executes the following code if user requests ETH withdrawal. if asset ==...
Malicious ERC20 or ERC777 could be used as collateral
Lines of code Cally.solL296 Vulnerability details Impact A malicious ERC20 or ERC777 could be used as collateral and rug the exerciser on exercise through a malicious implementation of ERC20vault.token.safeTransfer. Proof of Concept Any ERC20/ERC777 token is accepted as there is no whitelist. Thi...
No cumulative power check when updating valset
Lines of code Vulnerability details Impact When batches are submitted by validators in the current valset, they are checked for validity based on signatures and cumulative powers. Each validator in the valset has an associated power which can give certain validators more voting power than others...
Batch Transfer will likely fail on ERC777 transfers, either maliciously or accidentally
Lines of code Vulnerability details Impact If users attempt to bridge ERC777s from Cosmos to Ethereum, it is highly likely that the transfers will revert. The issue lies in the combination of using safeTransfer and the idea of batching. safeTransfer will revert for any failed transfer meaning tha...
Voting power of new validators not checked in updateValset function, Gravity.sol
Lines of code Gravity.solL276-L358 Vulnerability details Impact While the voting power of the current valset is checked when the checkValidatorSignatures function is called in updateValset, the power of the new valset is not. This could cause some functions to not work since whenever...
Attackers can prevent the transfer of the highest-value Cosmos to Ethereum transactions
Lines of code Vulnerability details In order to ensure that profitable batches are eventually created we must avoid locking up the high fee 'good transactions' into obviously bad batches. To add to the difficulty we don't actually know what any token in this process is worth or what ETH gas costs...
Fees in TokenManager.sol:function changeFee() should be upper-bounded
193 comment Warden: Dravee
FixedPricePassThruGate locks excess ETH payments
Lines of code Vulnerability details The FixedPricePassThruGate accepts ETH amounts greater than or equal to the calculated price, but only forwards an amount exactly equal to the calculated price to the configured beneficiary address. Excess ETH sent through the gate will be permanently locked in...
transfer is used for transfering ether
Originally submitted by warden pauliax in 173, duplicate of 52. .transfer is used for transferring ether, e.g.: payable(to).transfer(amount); payable(msg.sender).transfer(amount); It is currently not recommended as recipients with custom fallback functions smart contracts will not be able to handle that...
SpeedBumpPriceGate.sol and FixedPricePassThruGate.sol should check whether gate.beneficiary is address(0)
Lines of code Vulnerability details Impact In SpeedBumpPriceGate\addGate and FixedPricePassThruGate\addGate, it doesn’t check whether gate.beneficiary is address0. Therefore, when doing passThruGate. ETH will be sent to address0. These ETH can never be taken back. Proof of Concept beneficiary can...
Multiple vestings for the same user will fail
Lines of code Vulnerability details Impact Loss of funds from multiple vestings for a single user Proof of Concept In MerkleVesting and MerkleResistor vestings are distributed using merkle trees. Creators of the vesting submit the Merkle root of the tree and deposit the funds to be distributed. A...
Tokens having more than 18 decimals are not supported
Originally submitted by warden pauliax in 173, duplicate of 49. Tokens having more than 18 decimals are not supported, the calculation will revert here: function decimalMultiplieraddress token internal view returns uint256 return 1018 - IERC20Fulltoken.decimals;
CNft.sol - revert inside safeTransferFrom will break composability & standard behaviour
Lines of code Vulnerability details The function safeTransferFrom is a standard interface in ERC1155, and it's expected to succeed if all the parameters are valid, and revert on error, which is not the case here so it's a deviation. Refer to the EIP-1155 safeTransferFrom rules: MUST revert if to is...
amount requires to be updated to contract balance increase (12)
Lines of code Vulnerability details Impact Every time transferFrom or transfer function in ERC20 standard is called there is a possibility that underlying smart contract did not transfer the exact amount entered. It is required to find out contract balance increase/decrease after the transfer. Th...
Unhandled return value of ERC20 transfer
Lines of code Vulnerability details Impact For reference, see similar Medium-severity finding from Consensys Diligence Audit of Aave Protocol V2: As stated in the above finding: “ERC20 implementations are not always consistent. Some implementations of transfer and transferFrom could return ‘false...
ABDKMath64 performs multiplication on results of division
Lines of code Vulnerability details Impact Solidity could truncate the results, performing multiplication before division will prevent rounding/truncation in solidity math. Recommended Mitigation Steps Consider ordering multiplication first.
Fund loss or theft by attacker with creating a flash loan and setting SuperVault as receiver so executeOperation() will be get called by lendingPool but with attackers specified params
Lines of code Vulnerability details Impact According to Aave documentation, when requesting flash-loan, it's possible to specify a receiver, so function executeOperation of that receiver will be called by lendingPool. In the SuperVault there is no check to prevent this attack so attacker can use...
GUniLPOracle can provide stale prices
Lines of code Vulnerability details As stale price is determined by assetUpdatedAt, which is the time since last timestamp, the price that is most recent, but wasn't updated for more than threshold, will be rejected, which makes system unavailable in such a case. At the same time real stale price...
[WP-M1] supplyTokenTo() may fail when Aave Pool address changed
Lines of code Vulnerability details function supplyTokenTouint256 depositAmount, address to external override nonReentrant uint256 shares = tokenToSharesdepositAmount; requireshares 0, "AaveV3YS/shares-gt-zero"; address underlyingAssetAddress = tokenAddress;...
Early Depositor can DOS Deposits
Lines of code Vulnerability details Impact A malicious, but generous, early depositor can DOS all future deposits. This is accomplished by directly sending aTokens to the AaveV3YieldSource.sol contract after making their first deposit. The amount of aTokens sent to the contract will manipulate th...
_amount requires to be updated to contract balance increase (3)
Lines of code Vulnerability details Impact Every time transferFrom or transfer function in ERC20 standard is called there is a possibility that underlying smart contract did not transfer the exact amount entered. It is required to find out contract balance increase/decrease after the transfer. Th...
Incorrect accounting of free weight in _decrementWeightUntilFree
Lines of code Vulnerability details Impact In decrementWeightUntilFree, the free weight is calculated by balanceOfuser - getUserWeightuser plus weight freed from non-deprecated gauges. The non-deprecated criteria is unnecessary and lead to incorrect accounting of free weight. Proof of Concept...
Swapper3Crv.sol use the wrong address for sushiswap
Lines of code Vulnerability details Impact This seems to be out of scope, but still worth mentioning. This line should be address sushiSwap = SUSHISWAP;
_revokeRole doesn't remove account from roleMember set
Lines of code Vulnerability details Impact The function doesn't remove the address from roleMembersrole set, which will mess up with the roleCount Proof of Concept Tools Used Recommended Mitigation Steps rolesrole.membersaccount = false; roleMembersrole.removeaccount;
_mintSharesFor doesn’t check whether the pool is zero.
Lines of code Vulnerability details Impact In StakedCitadel.sol/mintSharesFor, it doesn’t check whether the pool is equal to zero. If pool == 0 and totalSupply != 0, mintSharesFor will revert. And in depositFor, it uses balance as pool. In consequence, when the CTDL balance of StakedCitadel is ze...
User funds stuck - buy works even after sale ends
Lines of code Vulnerability details Impact Buy function is not checking finalized value. Under specific scenario, Buy function will work even when sale has ended and finalize function has been called. If user buys any token at this moment then he won't be able to claim and will lose funds Proof of...
Staked Citadel function balance and reportHarvest
Lines of code Vulnerability details Impact In the StakedCitadel...
StakedCitadel should implement EIP-4626
Lines of code Vulnerability details StakedCitadel should implement EIP-4626 StakedCitadel could be seen as an investment vault and therefore team should consider implementing the recent EIP-4626 standard, as it could enable a lot of potential integrations and would avoid having to deploy wrappers...
StrategyPUSDConvex.balanceOfJPEG uses incorrect function signature while calling extraReward.earned, causing the function to unexpectedly revert everytime
Lines of code Vulnerability details Impact As specified in Convex BaseRewardPool.sol and VirtualRewardPool.sol, the function signature of earned is earnedaddress. However, balanceOfJPEG did not pass any arguments to earned, which would cause balanceOfJPEG to always revert. This bug will propagate...
LPFarming, yVault and yVaultLPFarming contract white listing can be surpassed
Lines of code Vulnerability details Impact LPFarming, yVault and yVaultLPFarming contracts' white list checks are performed with isContract and can be surpassed. isContract can only be used for positive confirmations, i.e. filtering out EOAs. Setting high severity as it is a direct access control...