CurveVolatileCollateral Collateral status can be manipulated by flashloan attack

Lines of code Vulnerability details Impact Attacker can make the CurveVolatileCollateral enter the status of IFFY/DISABLED . It will cause the basket to rebalance and sell off all the CurveVolatileCollateral. Proof of Concept The CurveVolatileCollateral overrides the anyDepeggedInPool function to...

Potential Loss of Rewards During Token Transfers in StaticATokenLM.sol

Lines of code Vulnerability details Impact This issue could lead to a permanent loss of rewards for the transferer of the token. During the token transfer process, the beforeTokenTransfer function updates rewards for both the sender and the receiver. However, due to the specific call order and th...

Missing Input Validation and Error Definition

Lines of code Vulnerability details Impact Missing Input Validation and Error Definition of globalSupplyIndex & globalBorrowIndex in L827-L844 & L865-L883 respectively of MultiRewardDistributor.sol could create complications as "sub" function of L844 & L883 would stop execution in cases of...

Liquidator can seize more tokens than the borrower has as collateral, leading to an arithmetic underflow and locking collateral.

Lines of code Vulnerability details Impact Lack of validation on seizeTokens could allow collateral locking by underflow. Proof of Concept The liquidateBorrowFresh function does not explicitly validate that seizeTokens is less than or equal to accountTokensborrower before transferring tokens from...

Unsafe downcast can lead to silent Overflow that causes accounting issues which can be exploited.

Lines of code Vulnerability details Impact In the ARCDVestingVault.sol, there are instances of Unsafe downcasting where if the amount is greater than uint128 the amount will Overflow but silently where the transaction won't revert causing the stored amount to be smaller than the actual amount tha...

User able to steal all votes escrowed in LockingVault due to downcasting

Lines of code Vulnerability details Even though the LockingVault is considered out of scope, it contains very serious vulnerability allowing anyone to steal ALL Arcade voting tokens. The vulnerability is possible due to downcasting amount to withdraw to uint96. In case that the amount of tokens...

If a lower multiplier for a particular NFT was set the owner of this NFT can avoid syncing votes with new values.

Lines of code Vulnerability details Impact The current situation presents an issue as it is impossible to identify the addresses of users who possess specific NFT tokens locked in the contract. Consequently, if a new multiplier is lower than the previous one, a "malicious" user could exploit this...

Guardian can brick SavingsVest contract accidentally

Lines of code Vulnerability details Impact The fix to M-06 introduces a new vulnerability, as it turns a missing validation that previously was recoverable i.e., only a minor thing into an irrecoverable error, resulting in a permanent loss of funds. Proof of Concept Consider the scenario where th...

Deposit transaction is prone to being front-run by bad actors.

Lines of code Vulnerability details Impact It is possible for an attacker to front-run a user's deposit transaction while transferring fewer amount of assets than the user and minting an equivalent amount of shares as the user could have. Proof of Concept The scenario described below is for the...

TwabLib::getTwabBetween can return innacurate balances if _startTime and _endTime aren't safely bounded

Lines of code Vulnerability details M-01 TwabLib::getTwabBetween can return innacurate balances if startTime and endTime aren't safely bounded Vulnerability details Here's the documentation of the get TwabLib::getTwabBetween function : File: twab-controller\src\libraries\TwabLib.sol 278: / 279:...

_winningRandomNumber vartiable used in calculating if caller is winner can be read via web3.getStorageAt() and user can predict if he wins or not before hand

Lines of code Vulnerability details Impact the variable winningRandomNumber used in isWinner to calc if caller has won the tier can be read, and the calculation can be predicted. Proof of Concept that a variable is marked internal doesnt mean it cannot be read Tools Used vs code Recommended...

Avoid using the same ERC-165 interface ID for URDs and their callers

Lines of code Vulnerability details Bug Description Contracts that implement the LSP-1 standard include INTERFACEIDLSP1 in their supportsInterface function. This means that they have a universalReceiver function that calls a Universal Receiver Delegate URD, such as LSP1UniversalReceiverDelegateUP...

initialize function can be front run

Lines of code Vulnerability details Impact Initialize function have the potential of front running by a malicious actor. An attacker can front-run the deployer and takeover the contract by setting itself as the owner in the Contract. Taking ownership will result in carrying out malicious acts tha...

Claim failure can result to loss of funds

Lines of code Vulnerability details Impact Caller will lose funds through gas fees when claim fails Proof of Concept The claimPrize function allows any caller to claim a prize by providing the necessary parameters: winner address of the winner, tier prize tier, prizeIndex prize index,...

Division before Multiplication could incur unnecessary precision loss

Lines of code Vulnerability details Impact Division before multiplication could incur unnecessary precision loss causing loss of funds. Proof of Concept In the dynamicQuorumVotes function of NounsDAOV3DynamicQuorum.sol contract the value of againstVotesBPS is first calculated by dividing a value ...

Proposal can executed even when it is in the "Queued" state.

Lines of code Vulnerability details Impact An attacker can bypass the intended governance process and directly execute proposals that are still in the voting or canceled state. This can result in unauthorized actions being performed on the smart contract, leading to loss of funds Proof of Concept...

[M-05] NounsDAOV3DynamicQuorum.quorumVotes(): Wrong totalSupply parameter used to calculated dynamic votes thresholds

Lines of code Vulnerability details Impact and Details It is stated in NounsDAOV3Fork.adjustedTotalSupply that the total supply of nouns exclude those in treasury and escrow contract. In NounsDAOV3Proposals.isDefeated, the dynamic threshold is calculated based on adjustedTotalSupply at the time o...

First liquidity provider can break minting of shares

Lines of code Vulnerability details Impact The attack vector and impact is that users may not receive shares in exchange for their deposits if the total asset amount has been manipulated through a large “donation”. Proof of Concept The attack vector and impact is that users may not receive shares...

Invariants doesn't checked

Lines of code Vulnerability details Impact Liquidity providers might lost their funds. Because wellFunction can be arbitrary. Proof of Concept I've asked publius about wellFunction, and he respond -- that anyone can create any wellFunction and pass it to the Well. So, let's consider for example...

TWAP can be easily manipulated by attacker through the sync() function, causing loss of funds

Lines of code Vulnerability details Description Please refer to the issue titled Implementation of Well shift function allows attackers to completely manipulate the oracles for relevant introduction and context. The safety of the TWAP relies on calling the observation function update with the...

cumulativeReserves can be incorrect

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Well updates the pump each time someone interacts with the well. update calculates the mev resistant values, one of which is the cumulativeReserves. If the update function is called twice or more times ...

Function collision between extension functions and account functions

Lines of code Vulnerability details Impact Users or owner can't use extensions because of collision between extension functions and account functions Proof of Concept Whenever someone calls account it will check for functions inside it, if there isn't function it goes to fallback to check...

A malicious user can steal a reserved token by using shift() function of Well.sol if the well was added liquidity unsafely with zero amount of the one of tokens.

Lines of code Vulnerability details Impact A malicious user can steal a reserved token by using shift function of Well.sol if the well was added liquidity unsafely with zero amount of the one of tokens. Proof of Concept Let's assume the well with WETH and USDC tokens. Currently totalSupply is zer...

Inflation attack in well

Lines of code Vulnerability details Impact The Well.sol contract is vulnerable to a first depositor attack allowing someone to directly send funds to the pool in order to obfuscate the totalSupply and steal funds from the subsequent depositor. Proof of Concept Below is how the attack can be carri...

No check for active Arbitrum Sequencer

Lines of code Vulnerability details Impact If the Arbitrum sequencer goes down, the stale ratio will be used during the swap. Proof of Concept readChainlinkFeed gets the price from chainlink oracle and the ratio is used during the swap. function readChainlinkFeed uint256 quoteAmount,...

LACK OF deadline CHECK COULD PROMPT DELAYED EXECUTION OF swap OPERATION

Lines of code Vulnerability details Impact The RewardHandler.sellRewards function is used by governance and trusted sellers to sell reward tokens for collateral tokens. This function ensures that none of the collateral should be decreased after the swap by checking their respective balances befor...

ARBITARY USER CAN CALL THE SavingsVest.accrue FUNCTION MULTIPLE TIMES BEFORE THE updateDelay PERIOD HAS ELAPSED

Lines of code Vulnerability details Impact In the SavingsVest contract the updateDelay variable is defined. This variable is used to refer the minimum time between two calls to the accrue function. This is implemented in the SavingsVest.accrue function as follows: if block.timestamp - lastUpdate...

Possible reentrancy during redemption/swap

Lines of code Vulnerability details Impact Redeemers might charge more collaterals during redemption/swap by the reentrancy attack. Proof of Concept Redeemers can redeem the agToken for collaterals in Redeemer contract and redeem burns the agToken and transfers the collaterals. function redeem...

Reward clarinets can claim rewards multiple times

Lines of code Vulnerability details Impact Reward claimers can call the get accrued reward function multiple times and maybe even drain the contract Proof of Concept As we can see there’s no check setting the accrued reward to zero after the rewards have been transferred Tools Used Manual review...

Reactivated gauges can’t queue up rewards

Lines of code Vulnerability details Impact Reactivated gauges can’t queue up rewards Proof of Concept Active gauges as set by authorised users get their rewards queued up in the FlywheelGaugeRewards.queueRewards function. As part of it, their associated struct QueuedRewards updates its storedCycl...

[M] Hardcoded address will not remain consistent across other chains

Lines of code Vulnerability details Impact The hardcoded address for the LBR token will not remain consistent across other chains, such as Polygon, Avalanche, Arbitrum and BSC for example. IEUSD0xC02aaA39b223FE8D0A0e5C4F27eAD9083C756Cc2.balanceOfethlbrLpToken Proof of Concept Hardcoding the addre...

Exploiter can avoid negative Lido rebases stealing funds from EUSD vaults

Lines of code Vulnerability details Description Lybra keeps the exact amount of collateral as deposited ignoring any lido rebases. That allows malicious users to sandwich negative rebase transactions with depositing and withdrawing their stETH saving the exact amount as before negative rebase. Th...

The _spendAllowance function in EUSD contract is labeled as virtual which can be overriden as malicious code

Lines of code Vulnerability details Impact The spendAllowance function is labeled as virtual which can be overriden by some malicious code Proof of Concept The attacker could modify the spendAllowance function to only call approve function of same contract which is internal and can pass max...

[H] Users can withdraw more tokens than they have staked

Lines of code Vulnerability details Impact Users can withdraw more tokens than they have staked from the contract. In stakerewardV2pool, there is no check to stop a user from withdrawing more tokens than they have staked. The tokens are simply subtracted from the user's balance and from the total...

Slippage protection minOut autoSwapThreshold is not effective when swapping the token

Lines of code Vulnerability details Impact In the current model, the minimum output minOut amount for the auto-swap is set to match the autoSwapThreshold, which is fixed at 4 CANTO. This configuration might result in potential market risks due to fluctuations in the value of CANTO, potentially...

Incorrect setting of EthIBCDenom invalidates risk management limits

Lines of code Vulnerability details Impact In the documentation, it is stated that: For risk management purposes, a swap will fail if the input coin amount exceeds a pre-defined limit 10 USDC, 10 USDT, 0.01 ETH or if the swap amount limit is not defined. However, in the code it defined as:...

D

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Tools Used Recommended Mitigation Steps Assessed...

Missing store revert in case of erc20 conversion error can lead to loss of funds

Lines of code Vulnerability details Impact The module is expected to have no changes in case a erc20 conversion failed. It was implemented by swallowing the error with a log and continuing with the flow finishing the IBC transfer. This is the relevant code section: if , err =...

M-10 Unmitigated

Lines of code Vulnerability details Mitigation of M-10: Issue NOT mitigated Mitigated issue M-10: First 1 wei deposit can produce lose of user xETH funds in wxETH Fix: code-423n4/2023-05-xeth@fbb2972 The issue is similar to the standard inflation attack, except that instead of the attacker's...

Upgraded Q -> 2 from #66 [1686923855595]

Judge has assessed an item in Issue 66 as 2 risk. The relevant finding follows: L-13 The owner is a single point of failure and a centralization risk Having a single EOA as the only owner of contracts is a large centralization risk and a single point of failure. A single private key may be taken ...

Upgraded Q -> 2 from #112 [1686922871117]

Judge has assessed an item in Issue 112 as 2 risk. The relevant finding follows: | | Issue | Instances ---|---|--- M-1 | Centralization Risk for trusted owners | 19 M-1 Centralization Risk for trusted owners Impact: Contracts have owners with privileged rights to perform admin tasks and need to b...

Accidentally setting expirationPeriod to Zero will cause all actions execution to Fail.

Lines of code Vulnerability details Description During action execution, when user calls executeAction the function call getActionState to get the current state for the action, if this actions is queued successfully and the disapproval check passed, the function check if the action expired by...

Upgraded Q -> 2 from #130 [1686726021314]

Judge has assessed an item in Issue 130 as 2 risk. The relevant finding follows: Possible Infinite Loops If the condition triggers the continue, then the loop variable does not get incremented. The condition never changes, as the same condition is checked over and over again, resulting in an...

Blacklisted Address Can Exploit the Exchange

Lines of code Vulnerability details Impact Addresses that are blacklisted for popular ERC20 tokens such as USDC, USDT can be leveraged to exploit the exchange in a number of ways. These addresses cannot be liquidated in any case where they would be transferred back a leftover collateral amount in...

Arbitrary delegatecalls from LlamaAccount can be used to steal assets

Lines of code Vulnerability details Impact Using delegatecall to call arbitrary contracts is highly dangerous as it can be used to steal assets. An attacker could sneak in a contract that steals all the assets owned by the LlamaAccount contract. Proof of Concept Below is a diff to the existing...

Role might be granted and revoked at the same block to manipulate the role supply and result in incorrect behavior of relative strategy

Lines of code Vulnerability details Impact There is a potential issue where a role can be granted, votes can be cast, and then the role can be revoked in the same block. This can lead to incorrect behavior of relative strategy in manipulating the vote supply. The problem arises because the role...

Oracle timeout at rebalance will result in a sell-off of all RSRs at 0 price

Lines of code Vulnerability details When creating the trade for rebalance, the RecollateralizationLibP1.nextTradePair uses uint192 low, uint192 high = rsrAsset.price; // UoA/tok to get the rsr sell price. And the rsr assert is a pure Assert contract, which price function will just return 0, FIXMA...

Technically the seven days period is not guaranteed and it's possible for the challenger to delete a withdrawal even if it hasn't been challenged during the seven days

Lines of code Vulnerability details Proof of Concept There's an existing logic to prevent the CHALLENGER from deleting a l2Output after the finalization period has ended. This is done to prevent having user withdrawals blocked after the finalization period has elapsed without challenges. The...

Potential Integer Overflow/Underflow

Lines of code Vulnerability details Impact The functions insertSDPrice and getMedianValue manipulate arrays of uint256 values without explicitly checking for integer overflow or underflow. If the array lengths or calculations exceed the maximum or minimum values of uint256, it can result in...

Aunction DOS

Lines of code Vulnerability details Impact All auction functions are under a potential DOS or exploitability vulnerability A 2 day duration is added to the current block.number when creating a lot. This introduces a critical flaw, Adding 2 86400correct value of 2 days / 27200wrong value used in...