Failed transfer with low level call won't revert

Lines of code Vulnerability details In BaseV1-periphery.sol, the function safeTransferCANTO is as follows: function safeTransferCANTOaddress to, uint value internal bool success, = to.callvalue:valuenew bytes0; requiresuccess, "TransferHelper: ETHTRANSFERFAILED"; This function is utilized in a fe...

Upgraded Q -> M from 207 [1656344422031]

Judge has assessed an item in Issue 207 as Medium risk. The relevant finding follows: --- The text was updated successfully, but these errors were encountered: All reactions...

Upgraded Q -> M from 115 [1656346004435]

Judge has assessed an item in Issue 115 as Medium risk. The relevant finding follows: --- The text was updated successfully, but these errors were encountered: All reactions...

[PNM-003] _totalStakedBefore_ and _totalStakedAfter_ are the always the same

Lines of code Vulnerability details Description It can be medium or high according to the off-chain logic which is not avaiable for the contest. Specifically, rebases can only be updated by function storeRebase and the only callsite of function storeRebase is in function rebase. While we have...

Unused Return

Lines of code Vulnerability details Impact Configuration Check: unused-return Severity: Medium Confidence: Medium Description: The return value of this external call is not stored in a local or state variable. Unused return values of function calls are indicative of programmer errors which may ha...

Staking.setCurvePool() doesn't approve allowance when changes CURVE_POOL.

Lines of code Vulnerability details Impact Staking.setCurvePool doesn't approve allowance when changes CURVEPOOL. It will affect when users exchange asset through CURVEPOOL. Proof of Concept When initialize the contract, Staking contract approves CURVEPOOL here. But when admin updates CURVEPOOL...

[H-05] Not minting iPTs for lenders in several lend functions

Lines of code Vulnerability details Impact Using any of the lend function mentioned, will result in loss of funds to the lender - as the funds are transferred from them but no iPTs are sent back to them! Basically making lending via these external PTs unusable. Proof of Concept There is no mintin...

Potential interests are not distributed fairly among the zcTokens holders, nor taken as a protocol fee, but will be frozen in the redeemer contract

Lines of code Vulnerability details function authRedeem address u, uint256 m, address f, address t, uint256 a public authorizedIMarketPlacemarketPlace.marketsu, m, 0 returns bool // Get the principal token for the given market IERC5095 pt = IERC5095IMarketPlacemarketPlace.marketsu, m, 0; // Make...

removeAddress doesn't decrease the contracts.length

Lines of code Vulnerability details Impact The contracts length will always increase because the removeAddress function just deleting the value inside the array and never decrease the length by calling pop method. This can lead to Dos when calling functions that doing loop on contracts storage:...

Buyer can initiateBuyout by sending less value than current valuation

Lines of code Vulnerability details Impact Intuitively, a buyer calling initiateBuyout should be sending a msg.value greater than or equal to current valuation. However, they can actually send less than this amount and still initiate the buyout. On line 404 we have requirebuyoutBid =...

REENTRANCY-Avoid transfer() as reentrancy mitigations. Transfer do not protect from reentrancies in case of gas price changes.

Lines of code Vulnerability details Impact --Check: reentrancy-unlimited-gas --Severity: Informational --Confidence: Medium Transfer and send have been recommended as a security best-practice to prevent reentrancy attacks because they only forward 2300 gas. That being said, gas repricing of...

Ineffective TWAV Implementation

Lines of code Vulnerability details Background The current TWAV implementation consists of an array of 4 observations/valuations called twavObservations. Whenever, the new valuation is updated, the new cumulative valuation will be appended to the twavObservations array and the oldest...

TWAP array can be artificially filled up with the most recent quote

Lines of code Vulnerability details A malicious user can run updateTWAV on each block, quickly replacing all four values of the twavObservations array with the most recent valuation. I.e. the time weighted averaging essence of the recorded price can be directly reduced to always be just most rece...

Attackers can call update and grief the users from swapping tokens

Lines of code Vulnerability details Impact Attackers can call update and grief the users from swapping tokens An attacker can specify reserve0 and revsere1 in update function and make it very small number and the user will have to supply zero tokens otherwise the function will fail. mitigation :...

CNote balance can be affected by griefing attack

Lines of code Vulnerability details Functions borrowFresh, repayBorrowFresh, mintFresh, redeemFresh require CNote balance to be strictly zero, reverting unconditionally otherwise. However, as CNote is ERC20 with usual transfer functionality, anyone can send a cNote tokens to the contract itself,...

Centralization Risk with onlyOwner modifier

Lines of code Vulnerability details Impact During the code review, It has been observed the all currency tokens can be withdraw by owner without timelock. The currency token should not be withdrawn by owner. This poses centralization risk. Proof of Concept 1. Navigate to the following contract...

InfinityExchange owner can steal user's tokens via front-running

Lines of code Vulnerability details Impact Contract InfinityExchange.sol charges protocol fee through PROTOCOLFEEBPS. The issue is that owner of the contract is able to change protocol fee at any time without any restriction which puts him in a very privileged position and allows him to steal...

division rounding error in _handleExecuteLiquidity() and _reconcile() make routerBalances and contract fund balance to get out of sync and cause fund lose

Lines of code Vulnerability details Impact variable routerBalances suppose to keep track of routers balance in contract and routers can withdraw their balance from contract. but because of division rounding error in handleExecuteLiquidity and reconcile contract uses more of its tokens than it...

ETH rescue does not work

Lines of code Vulnerability details Impact Both contracts InfinityExchange and InfinityStaker have a function rescueETH to allow an admin to rescue any ETH accidentally sent to the contracts. However, this ETH rescue functionality does not work. The code expects ETH to be sent to this function an...

Admin can set arbitrarily high exchange fees

Lines of code Vulnerability details Impact Admins can attack users by frontrunning them Poc In the function setProtocolFeeInfinityExchange.sol function setProtocolFeeuint16 protocolFeeBps external onlyOwner PROTOCOLFEEBPS = protocolFeeBps;@audit medium emit NewProtocolFeeprotocolFeeBps; Admins ca...

Did Not Approve To Zero First Causing Certain Token Transfer To Fail

Lines of code Vulnerability details Proof-of-Concept Some tokens like USDT do not work when changing the allowance from an existing non-zero allowance value. For example Tether USDT's approve function will revert if the current approval is not zero, to protect against front-running changes of...

Any User May Transfer Rewards From AuraLocker To MyStrategy These Rewards Are Unaccounted For and Stuck

Lines of code Vulnerability details Impact Harvesting the rewards from AuraLocker incorrectly assumes that rewards are only transferred during harvest when LOCKER.getRewardsaddressthis is called. However it is possible for anyone to call AuraLocker.getRewardsaddressMyStrategy and transfer the...

It lacks slippage control when swapping tokens

Lines of code Vulnerability details Impact In balancer document: In the above example code, we set our tokenBAL limit to 0, which means we are willing to accept 100% slippage on our trade. That is generally a very bad idea It lacks slippage control when calling BALANCERVAULT.swap, making it suffe...

Upgraded Q -> M from 205 [1655579891083]

Judge has assessed an item in Issue 205 as Medium risk. The relevant finding follows: transfer and send methods are used inside the codebase. Since these methods use 2300 gas stipend which is not adjustable,it may likely to get broken when calling a contract's fallback function if any contract...

Upgraded Q -> M from 119 [1655579861612]

Judge has assessed an item in Issue 119 as Medium risk. The relevant finding follows: L01: Use .call instead of .send Line References Description It is recommended to use call instead of send because the former fowards all remaining gas with the call, while the latter has a gas limit of 2300. Thi...

Badger rewards from Hidden Hand can permanently prevent Strategy from receiving bribes

Lines of code Vulnerability details Impact If the contract receives rewards from the hidden hand marketplace in BADGER then the contract tries to transfer the same amount of tokens twice to two different accounts, once with sendBadgerToTree in MyStrategy and again with processExtraToken in the...

Owner can sweep any token

Lines of code Vulnerability details Impact Admin can sweep any token even if the token is in use by the contract. Ideally only non blacklisted tokens should be allowed by unlockTokens function function unlockTokensIERC20 token external override onlyOwner uint256 amount = token.balanceOfaddressthi...

Gitignore too low

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Too short gitignore Tools Used Recommended...

you can mint any amount of tokens and steal eth from the contract

Lines of code Vulnerability details Impact attacker calls the mintViaAsset function if attacker want to lend eth that you suppy the contract , it wil take eth make it into weth then what you lend . you can mint how many tokens you want because if iseth is true it just converts the eth to weth and...

cause an attacker to get a better deal on intrest rate on borrwoing and lending or cause txs' to revert

Lines of code Vulnerability details Impact if the variable maturity in getMaturity function is a big number that gets put into uint40 and since its to big of a number it will revert because solidity ^0.8.0 dosn't allow overflow and on deployment hasMatured can be true because it very close to the...

IsWrappedFcash check is a gas bomb

Lines of code Vulnerability details Impact In the isWrappedFCash check, the notionalTradeModule check whether the component is a wrappedCash with the following logic. try IWrappedfCashfCashPosition.getDecodedID returnsuint16 currencyId, uint40 maturity try...

No Slippage Protection During Redeeming Matured Positions

Lines of code Vulnerability details Proof-of-Concept The lack of slippage checks can cause redemption of matured positions to happen at a bad rate/prices, resulting the trade to receive fewer tokens than the fair market rate/price. The NotionalTradeModule.redeemMaturedPositions function calls the...

Residual Allowance Might Allow Tokens In SetToken To Be Stolen

Lines of code Vulnerability details Proof-of-Concept Whenever mintFCashPosition function is called to mint new fCash position, the contract will call the approve function to set the allowance to maxSendAmount so that the fCash Wrapper contact can pull the payment tokens from the SetToken contract...

Integer overflow can affect router balances

Lines of code Vulnerability details Impact Integer overflow can affect router balances. Proof of Concept The repayAavePortal method of the PortalFacet contract subtracts the balance within an unchecked region, but this balance is not checked beforehand to be greater than the amountIn. unchecked...

Upgraded Q -> M from 137 [1654449389324]

Judge has assessed an item in Issue 137 as Medium risk. The relevant finding follows: It does not even check the return value and a low-level call succeeds if the address is empty or non-existent. dexMapping is a manually operated config so it may not contain info for all collateral tokens, and i...

Minter.sol#_executeInflationRateUpdate() inflationManager().checkpointAllGauges() is called after InflationRate is updated, causing users to lose rewards

Lines of code Vulnerability details When Minter.solexecuteInflationRateUpdate is called, if an INFLATIONDECAYPERIOD has past since lastInflationDecay, it will update the InflationRate for all of the gauges. However, in the current implementation, the rates will be updated first, followed by the...

A malicious filler can fill a partial order in such a way that the rest cannot be filled by anyone

Lines of code Vulnerability details Impact For filling a partial order, because Seaport accepts any representation of a fraction, a malicious filler can provide a giant fraction unreduced. This would severely limit what orders can be filled afterwards and in some cases making any more fills...

_transfer#Executor.sol not checking all enum values

Lines of code Vulnerability details Impact Transaction can revert or have unexpected behaviour Poc In transferexecutor.sol you are checking Itemtype values Itemtype.NATIVE, Itemtype.ERC20 and Itemtype.ERC721 after then the last else clause assumes that the Itemtype is a ERC1155. else @audit assum...

Value Overflow in FulfillmentApplier.sol

Lines of code Vulnerability details Value Overflow in FulfillmentApplier.sol Repo commit referenced: 49799ce156d979132c9924a739ae45a38b39ecdd Impact In aggregateValidFulfillmentOfferItems Line 274 and aggregateValidFulfillmentConsiderationItems Line 571 a variable errorBuffer has been defined as ...

Upgraded G -> M from 164 [1654114758938]

Judge has assessed an item in Issue 164 as Medium risk. The relevant finding follows: File:Cally.sol224 requiremsg.value = premium, "Incorrect ETH amount sent"; Using == operator is 3 gas cheaper than =. This also keeps people from acedently overpaying when buying an option. Summary Implementing...

deposit function of VeAssetDepositor.sol will be failed if stakeAddress is set.

Lines of code Vulnerability details Impact Wrong contract variable is used, so transaction cannot be executed. Proof of Concept This line is trying to call ERC20 function from minter contract. The minter is not ERC20 token, and does not have safeApprove function. So this will revert transaction...

Lack of Verification of conduitKey, offererConduitKey, and fulfillerConduitKey Could Cause Offerers or Fulfillers to Lose Their Assets to Malicious Fulfillers or Offerers

Lines of code https://github.com/c...

Cancelled orders cannot be valid again

Lines of code Vulnerability details Impact The validate function will call the verifyOrderStatus function. When orderStatus.isCancelled == true, the canceled order cannot be set as valid. function verifyOrderStatus bytes32 orderHash, OrderStatus memory orderStatus, bool onlyAllowUnused, bool...

No way to close multiple channels - Under attack scenario

Lines of code Vulnerability details Impact = Currently contract has no functionality to close multiple channels = In case multiple open channels are performing maliciously, owner has to individually call updateChannel to close those channel = Closing channels one by one will be time consuming and...

Anyone can add Gauge reward tokens and cause DoS

Lines of code Vulnerability details Impact The Gauge.notifyRewardAmount function does not have any access restriction. Anyone an attacker can frontrun and call this function to add arbitrary even malicious gauge reward tokens up to MAXREWARDTOKENS = 16. An attacker is able to frontrun and add 16...

_writeCheckpoint() in Gauge use wrong index to get prevVoteStatus

Lines of code Vulnerability details Impact All the Voting values calculated by writeCheckpoint when it's not first checkpoint is going to set to False instead of account's last vote and because vote has been used in earned and reward calculation so reward distribution is going to be wrong too...

Wrong calculation for the new rewardRate[token] can cause some of the late users can not get their rewards

Lines of code Vulnerability details uint bribeStart = block.timestamp - block.timestamp % 7 days + BRIBELAG; uint adjustedTstamp = block.timestamp = periodFinishtoken safeTransferFromtoken, msg.sender, addressthis, amount; rewardRatetoken = amount / DURATION; else uint remaining = periodFinishtok...

Voting tokens may be lost when given to non-EOA accounts

Lines of code Vulnerability details Impact veNFTs may be sent to contracts that cannot handle them, and therefore all rewards and voting power, as well as the underlying are locked forever Proof of Concept The original code had the following warning: @dev Safely transfers tokenId token from from ...

External contract calls inside loops may result in DoS.

Lines of code Vulnerability details Impact Calls to external contracts inside a loop are dangerous especially if the loop index can be user-controlled because it could lead to DoS if one of the calls reverts or execution runs out of gas. Reference Proof of Concept for uint i = 0; i 0...

functions deposit() and notifyRewardAmount() in Bribe and Gauge contract don't consider deflationary tokens when transferring

Lines of code Vulnerability details Impact The actual amount that has been transferred can be different than requested amount in deflationary tokens and this is not been addressed in transferring logic in the code. This can cause wrong calculation and rewards distribution for users. Proof of...