Initialization functions can be front-run with malicious values

Handle 0xRajeev Vulnerability details Impact Most contracts have public visibility initialization functions that can be front-run, allowing an attacker to incorrectly initialize the contracts. Due to the use of the delegatecall proxy pattern, PrizePool/YieldSourcePrizePool/StakePrizePool,...

withdraw timelock can be circumvented

Handle cmichel Vulnerability details One can withdraw the entire PrizePool deposit by circumventing the timelock. Assume the user has no credits for ease of computation: user calls withdrawWithTimelockFromuser, amount=userBalance with their entire balance. This "mints" an equivalent amount of...

Awarding takes reserve fee several times

Handle cmichel Vulnerability details The PrizePool.captureAwardBalance function takes fees repeatedly on the same interest. One would expect unaccountedPrizeBalance to be 0 in any repeated calls, but it's not. Assume the following example scenario with a 10% reserve fee: user calls...

Card affiliate payouts are skipped if a single card does not have an affiliate

Handle cmichel Vulnerability details Vulnerability Details The Market.initialize function sets the cardAffiliateCut to zero if a single cardAffiliateAddresses is the zero address. for uint256 i = 0; i numberOfCards; i++ if cardAffiliateAddressesi == address0 cardAffiliateCut = 0; Impact Even if a...

Uninitialized or Incorrectly set auctionInterval may lead to liquidation engine livelock

Handle 0xRajeev Vulnerability details Impact The grab function in Cauldron is used by the Witch or other liquidation engines to grab vaults that are under-collateralized. To prevent re-grabbing without sufficient time for auctioning collateral/debt, the logic uses an auctionInterval threshold to...

Unauthorized functions in Ladle.sol and PoolRouter.sol

Handle gpersoon Vulnerability details Impact Both Ladle.sol and PoolRouter.sol contain a function batch, which gives access to several internal functions. Some of those functions call functions in other contracts which have an "auth" access control mechanism. However several internal functions ca...

Locked funds are debited twice from user during tokenization leading to fund loss

Handle 0xRajeev Vulnerability details Impact During tokenization of conviction scores, the user can optionally provide FSDs to be locked to let it continue conviction accrual. However, the amount of FSDs specified for locking are debited twice from the user leading to fund loss for user. This, in...

Unhandled return value of transferFrom in timeLockERC20() could lead to fund loss for recipients

Handle 0xRajeev Vulnerability details Impact ERC20 implementations are not always consistent. Some implementations of transfer and transferFrom could return ‘false’ on failure instead of reverting. It is safer to wrap such calls into require statements or use safe wrapper functions implementing...

delegatedTransferERC20() on line 442 of Visor.sol, able to get locked erc20 tokens

Handle Sherlock Vulnerability details Impact Because of getBalanceLocked not returning the full sum of the balances, if you have the approval you are able to transfer locked erc20 tokens. Proof of Concept Tools Used Hardhat Recommended Mitigation Steps Calculate balance using balance.add...

function receiveNFTs does not check if amount > 0

Handle paulius.eth Vulnerability details Impact When is1155 is true, function receiveNFTs iterates over all the tokens and updates holdings and quantity1155. If the quantity1155 is 0 for that token, it adds this token to the holdings set. However, it does not check that the amount is greater than...

EIP-721 / EIP-1155 Re-Entrancy Vulnerability

Handle 0xsomeone Vulnerability details Impact The impact of this finding is difficult to estimate as the contract system within scope is limited in how the various components are meant to be utilized. A definitive side-effect of this re-entrancy is the delayed application of the afterRedeemHook...

NFT can be minted for free after sale ended

Handle s1m0 Vulnerability details Impact The getPrice return 0 after the sale ended and SALELIMIT - numSales nft can be minted for free. Proof of Concept Tools Used Manual analysis Recommended Mitigation Steps Without documentation i'm not sure if it's the expected behaviour or not. If it's not y...

deploySynth does not prevent token to be VADER or USDV

Handle paulius.eth Vulnerability details Impact function deploySynth checks that token is not VADER or not USDV. The condition should be && not || as OR condition always holds when VADER != USDV: function deploySynthaddress token external requiretoken != VADER || token != USDV;...

Handle transfers of different ERC20 tokens

Handle paulius.eth Vulnerability details Impact Some ERC20 transfers have require checks, e.g.: requireiERC20token.transfermember, amount; some don't, e.g.: iERC20token.transferrecipient, amount; It is a good practice to think about all the possible variations of ERC20s see: . Recommended...

Users may unintendedly remove liquidity under a phishing attack.

Handle shw Vulnerability details Impact The removeLiquidity function in Pools.sol uses tx.origin to determine the person who wants to remove liquidity. However, such a design is dangerous since the pool assumes that this function is called from the router, which may not be true if the user is und...

Vader functions can be called before initialization in init() of Vader.sol

Handle 0xRajeev Vulnerability details Impact All the external/public functions of Vader.sol can be called by other contracts even before Vader.sol contract is initialized. This can lead to exceptions, state corruption or incorrect accounting in other contracts, which may require redeployment of...

Add a timelock to functions that set key variables

Handle s1m0 Vulnerability details Impact Functions like setLeveragePercent and setLiquidationThresholdPercent for both IsolatedMarginTrading and CrossMarginTrading should be put behind a timelock because they would give more trust to users. Now the owner could call them whenever he wants and a...

Wrong liquidation logic

Eth address 0x6823636c2462cfdcD8d33fE53fBCD0EdbE2752ad Vulnerability details The belowMaintenanceThreshold function decides if a trader can be liquidated: function belowMaintenanceThresholdCrossMarginAccount storage account internal returns bool uint256 loan = loanInPegaccount, true; uint256...

Upgraded Q -> 2 from #482 [1705001199242]

Judge has assessed an item in Issue 482 as 2 risk. The relevant finding follows: L-02: AuctionHouse’s owner should not be allowed to change parameters when auction is active --- The text was updated successfully, but these errors were encountered: All reactions...

Frequent donations can cause DOS

Lines of code Vulnerability details Impact User's might be unable to withdraw pending rewards Proof of Concept If a donation is made before the checkpoint call in the same block, the checkpoint call will revert. This is done in order to prevent flash loans. function checkpoint external returns bo...

When unpausing the GuardCM, not setting governorCheckProposalId to 0 puts the assets of the protocol at risk

Lines of code Vulnerability details Impact If the GuardCM was paused once, the community multisig CM can pause it again without checking for the governances activity. This moves the power within the system from the governance to the CM and can, in the worst case, result in the lose of all funds o...

GovernorOLAS is susceptible to DOS via proposal frontrunning

Lines of code Vulnerability details Impact The GovernorOLAS contract inherits from OpenZeppelin's GovernorCompatibilityBravo v4.8.3, which has a known vulnerability in the proposal creation process that can be exploited to halt proposals sent to the governor. The root cause of this vulnerability ...

Attacker can cause deposits to be locked in the Solana lockbox

Lines of code Vulnerability details Impact An attacker can cause deposits to be locked in the lockbox Proof of Concept In withdraw, if the position has 0 liquidity the execution is reverted function withdrawuint64 amount external address positionAddress =...

Service Owner loses all of his/her topUp earnings when inflationControl returns false

Lines of code Vulnerability details Impact The service Owner loses all of his topUp savings in Olas when the inflation limit is hit Proof of Concept Assume, there has been donations to the service Id and it has collected some donations and has it stored in mapUnitIncentivesunitTypesiunitIdsi.rewa...

tokens can be deposited and immediately withdrawn before the intended lock time by depositing right before expiry

Lines of code Vulnerability details Impact tokens can be deposited and immediately withdrawn before the intended lock time by depositing right before expiry. Proof of Concept There is edge cases around the locking and unlocking periods that are not fully considered in the contract. Specifically,...

Griefing attack on liquidity_lockbox withdrawals due to lack of minimum deposit

Lines of code Vulnerability details Impact The liquiditylockbox contract does not enforce a minimum deposit limit. This allows a user to open many positions with minimum liquidity, forcing other users to close these positions one by one in order to withdraw. This could lead to a griefing attack...

[H1] Custom upgrade functionality is dangerous

Lines of code Vulnerability details Impact ​ Unsafe upgrade can break protocol Analysis of the vulnerability You are using a custom upgrade for the tokenomics contract not following UUPS standard function changeTokenomicsImplementationaddress implementation external // Check for the contract...

collectLiquidity() Lack of can specify recipient leads to inability to retrieve token1 after entering the blacklist of token0

Lines of code Vulnerability details Vulnerability details LP has only one way to retrieve token, first decreaseLiquidity, then retrieve through the collectLiquidity method. collectLiquidity only has one parameter, tokenId. function collectLiquidity uint256 tokenId external override nonReentrant...

Users can avoid liquidation by splitting their positions into smaller ones

Lines of code Vulnerability details Impact Bad debt creation, as the total sum of positions could yield a signicant underwater position, but they would likely not be liquidated as it wouldn't compensate liquidators. Proof of Concept A recent, random transaction on Mantle shows a gas fee of 0.47...

impossible to open a position with a large marginTo

Lines of code Vulnerability details Description marginTo/From is a way to both cover your position and increase your premium when opening a position. There is however a unintended limit on how much marginTo you can provide when opening a position. When doing the swap to increase leverage, the...

lack of slippage protection for increaseLiquidity, and decreaseLiquidity

Lines of code Vulnerability details Impact Lack of slippage protection for increasing and decreasing liquidity can cause the liquidity provider to provide liquidity at an unfavorable price. Or the borrower to borrow/repay in a manipulated pool. Proof of Concept When adding liquidity eventually...

Owners of LPs can be dosed when removing their position

Lines of code Vulnerability details Summary LP owners can reclaim liquidity to stop it from being extended for current liens but this doesn't stop from being used in new positions. Impact LP owners can signal their intention to pull liquidity by calling reclaimLiquidity. This function updates the...

Reverting when the heap is full

Lines of code Vulnerability details Reverting when the heap is full: a You mentioned in the comments that the function will revert if the heap is full. b However, the code as it stands doesn't have any logic to check if the heap is indeed full. c Depending on the context, you might want to add a...

Modifying the loan term setting can default existing loans

Lines of code Vulnerability details Summary Protocol admins can modify the loan term settings. This action can inadvertently default existing loans created under different terms. Impact Positions in the Particle LAMM protocol are created for a configurable period of time, defined by the LOANTERM...

borrower can prevent liquidity provider from withdrawing their liquidity

Lines of code Vulnerability details Description When a liquidity provider wants to withdraw their liquidity they can call ParticlePositionManager::reclaimLiquidity. This will prevent any renewals: ParticlePositionManager::addPremium: File: protocol/ParticlePositionManager.sol 508: // check LP...

position can be opened without premium

Lines of code Vulnerability details Description Premium in ParticlePositionManager is used to cover trading fees accrued for the liquidity borrowed. When liquidating, a portion of the premium is also used for the liquidation reward. The issue is that a borrower can open a position without any...

A wLP collateral that is no longer whitelisted but was at some point won't let users decollateralize or be liquidated

Lines of code Vulnerability details Impact Users who collateralized using wLP won't ever be liquidated unless the wLP is whitelisted back, but this could be dangerous depending on the reason it was removed from the whitelist. They can't also decollateralize. The severity of this issue depends...

setPosMode function doesn't check if wLp is whitelisted

Lines of code Vulnerability details Proof of Concept Using setPosMode function owner of position can change it's mode. When the function is called, then there are a lot of checks, like if current mode allows to decollateralize and if new mode allows to collateralize. Also it's checked, that all...

Contracts are vulnerable to fee-on-transfer accounting-related issues

Lines of code 359, 448, 509, 530, 42, 797, 162 Vulnerability details The functions below transfer funds from the caller to the receiver via transferFrom, but do not ensure that the actual number of tokens received is the same as the input amount to the transfer. If the token is a fee-on-transfer...

Calls to get_virtual_price() are vulnerable to read-only reentrancy

Lines of code 117 Vulnerability details getvirtualprice was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a partially-modified state, and...

Unchecked return value of low-level call()/delegatecall()

Lines of code 120, 141, 411, 184, 160, 189, 152, 444, 625, 638https://github.com/Tapioca-DAO/tapioca-bar-audit/blob/2286f80f928f41c8bc189d0657d74ba83286c668/contract...

Unsafe usage of msg.value in a loop

Lines of code 140 Vulnerability details The value of msg.value in a transaction's call never gets updated, even if the called contract ends up sending some or all of the Eth to another contract. This means that using msg.value in a for- or while-loop, without extra accounting logic, will either...

Calls to get_virtual_price() are vulnerable to read-only reentrancy

Lines of code 117 Vulnerability details getvirtualprice was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a partially-modified state, and...

Lack of input validation for ClosePositionParams.amountSwap results in theft of fund (premium + protocol fee))

Lines of code Vulnerability details Impact Lack of input validation for ClosePositionParams.amountSwap results in theft of fund Proof of Concept ParticlePositionManager.sol hold two part of fund 1. the contract hold premium added by borrower 2. the contract hold protocol fee before protocol...

Liquidation is not possible if trader blacklisted from blacklistable ERC20 token

Lines of code Vulnerability details Impact If a trader is blacklisted from a blacklistable ERC20 token while has an open position, it may not be possible to liquidate the position. Proof of Concept When liquidate position, it will eventually calculate the amount of token that need to be send to...

Fee-on-transfer/rebasing tokens will have problems when swapping

Lines of code 110 Vulnerability details Uniswap v3 does not support rebasing or fee-on-transfer tokens so using these tokens with it will result funds getting stuck. With fee-on-transfer tokens, if the balance isn't checked, the wrong amount may be transferred out. With rebasing tokens, the...

Unsafe use of transfer()/transferFrom() with IERC20

Lines of code 377, 509, 491, 530, 42, 50 Vulnerability details Some tokens do not implement the ERC20 standard properly but are still accepted by most code that accepts ERC20 tokens. For example Tether USDT's transfer and transferFrom functions on L1 do not return booleans as the specification...

Division by Zero and Precision Loss in computeOutputAmount Function

Lines of code Vulnerability details Impact The vulnerability can cause a runtime exception due to division by zero, leading to contract execution reverting. Additionally, precision loss may occur in calculations due to truncation of remainders, Proof of Concept When unwrapFeeDivisor unexpectedly...

doInteraction() won't mint tokens to user if interaction.specifiedAmount less than 10**12 and has certain conditions

Lines of code Vulnerability details Impact If the user calls doInteraction and executes Interaction with specifiedAmount less than 10 12 and a big difference in token decimals, the user won't get any tokens. Proof of Concept Core external functions like doInteraction will call the internal...

Usage of _safeMint in NextGenCore@_mintProcessing allows an attacker to reenter when onERC721Received is called

Lines of code Vulnerability details Impact An attacker can : Exceed the per address allowance in Fixed Price Sale, Exponential Descending Sale and Linear Descending Sale modes. Cause a loss for another user in Burn-to-Mint mode by accepting an offer when onERC721Received is triggered. Proof of...