10190 matches found
transferFrom result not checked
Handle gpersoon Vulnerability details Impact The function deposit of SafeERC20.sol relies on the fact that transferFrom will revert if it can't transfer the erc20 tokens. However, depending on the ERC20 token, this doesn't happen and you have to check the result of transferFrom. With the wrong...
User can redeem more tokens by artificially increasing the chi accrual
Handle shw Vulnerability details Impact A user can artificially increase the chi accrual after maturity by flash borrow on Compound, which affects the exchange rate used by the chi oracle. As a result, the user redeems more underlying tokens with the same amount of fyTokens since the accrual is...
Locked funds are debited twice from user during tokenization leading to fund loss
Handle 0xRajeev Vulnerability details Impact During tokenization of conviction scores, the user can optionally provide FSDs to be locked to let it continue conviction accrual. However, the amount of FSDs specified for locking are debited twice from the user leading to fund loss for user. This, in...
Call to swapExactTokensForETH in liquidateDai() will always fail
Handle 0xRajeev Vulnerability details Impact liquidateDai calls Uniswap’s swapExactTokensForETH to swap Dai to ETH. This will work if msg.sender, i.e. FSD contract, has already given the router an allowance of at least amount on the input token Dai. Given that there is no prior approval, the call...
Lack of address input validation will lock tokens in contract
Handle 0xRajeev Vulnerability details Impact Functions timeLockERC721 and timeLockERC20 are used by the vault owner to timelock tokens in the vault with a specified recipient address as the only one with the right to withdraw after timelock expiry. If a zero/incorrect recipient address is used he...
delegatedTransferERC20() on line 442 of Visor.sol, able to get locked erc20 tokens
Handle Sherlock Vulnerability details Impact Because of getBalanceLocked not returning the full sum of the balances, if you have the approval you are able to transfer locked erc20 tokens. Proof of Concept Tools Used Hardhat Recommended Mitigation Steps Calculate balance using balance.add...
Unhandled return value of transferFrom in timeLockERC20() could lead to fund loss for recipients
Handle 0xRajeev Vulnerability details Impact ERC20 implementations are not always consistent. Some implementations of transfer and transferFrom could return ‘false’ on failure instead of reverting. It is safer to wrap such calls into require statements or use safe wrapper functions implementing...
A malicious receiver can cause another receiver to lose out on distributed fees by returning false for tokensReceived when receiveRewards is called on their receiver contract.
Handle janbro Vulnerability details Summary A malicious receiver can cause another receiver to lose out on distributed fees by returning false for tokensReceived when receiveRewards is called on their receiver contract. Risk Rating Medium Vulnerability Details A malicious receiver can cause anoth...
function receiveNFTs does not check if amount > 0
Handle paulius.eth Vulnerability details Impact When is1155 is true, function receiveNFTs iterates over all the tokens and updates holdings and quantity1155. If the quantity1155 is 0 for that token, it adds this token to the holdings set. However, it does not check that the amount is greater than...
Fee Distribution Re-Entrancy
Handle 0xsomeone Vulnerability details Impact The distribute function of NFTXFeeDistributor has no access control and will invoke a fallback on the fee receivers, meaning that a fee receiver can re-enter via this function to acquire their allocation repeatedly potentially draining the full balanc...
Use of transfer() may lead to failures
Handle 0xRajeev Vulnerability details Impact Although transfer and send have been recommended as a security best-practice to prevent reentrancy attacks because they only forward 2300 gas, the gas repricing of opcodes such as with EIP-2929 in the recent Berlin fork may break deployed contracts...
Users may unintendedly remove liquidity under a phishing attack.
Handle shw Vulnerability details Impact The removeLiquidity function in Pools.sol uses tx.origin to determine the person who wants to remove liquidity. However, such a design is dangerous since the pool assumes that this function is called from the router, which may not be true if the user is und...
Handle transfers of different ERC20 tokens
Handle paulius.eth Vulnerability details Impact Some ERC20 transfers have require checks, e.g.: require(iERC20(token).transfer(member, amount)); some don't, e.g.: iERC20(token).transfer(recipient, amount); It is a good practice to think about all the possible variations of ERC20s see: . Recommended...
deploySynth does not prevent token to be VADER or USDV
Handle paulius.eth Vulnerability details Impact function deploySynth checks that token is not VADER or not USDV. The condition should be && not || as OR condition always holds when VADER != USDV: function deploySynth(address token) external { require(token != VADER || token != USDV);...
init functions can be frontrun
Handle @cmichelio Vulnerability details Vulnerability Details The init function that initializes important contract state can be called by anyone. Impact The attacker can initialize the contract before the legitimate deployer, hoping that the victim continues to use the same contract. In the best...
Vader functions can be called before initialization in init() of Vader.sol
Handle 0xRajeev Vulnerability details Impact All the external/public functions of Vader.sol can be called by other contracts even before Vader.sol contract is initialized. This can lead to exceptions, state corruption or incorrect accounting in other contracts, which may require redeployment of...
Incorrect operator used in deploySynth() of Pools.sol
Handle 0xRajeev Vulnerability details Impact The deploySynth function in Pools.sol is expected to perform a check on the token parameter to determine that it is neither VADER nor USDV before calling Factory’s deploySynth function. However, the require incorrectly uses ‘||’ operator instead of ‘&&’...
Wrong liquidation logic
Eth address 0x6823636c2462cfdcD8d33fE53fBCD0EdbE2752ad Vulnerability details The belowMaintenanceThreshold function decides if a trader can be liquidated: function belowMaintenanceThresholdCrossMarginAccount storage account internal returns bool uint256 loan = loanInPegaccount, true; uint256...
Add a timelock to functions that set key variables
Handle s1m0 Vulnerability details Impact Functions like setLeveragePercent and setLiquidationThresholdPercent for both IsolatedMarginTrading and CrossMarginTrading should be put behind a timelock because they would give more trust to users. Now the owner could call them whenever he wants and a...
Impossible to call withdrawReward fails due to run out of gas
Handle s1m0 Vulnerability details Impact The withdrawReward fails due to the loop at . From my testing the dayDiff would be 18724 and with a gasLimit of 9500000 it stops at iteration 270 due to the fact that lastUpdatedDay is not initialized so is 0. Other than that it could run out of gas also f...
PriceAware uses prices from getAmountsOut
Vulnerability details getPriceFromAMM relies on values returned from getAmountsOut which can be manipulated e.g. with the large capital or the help of flash loans. The impact is reduced with UPDATEMINPEGAMOUNT and UPDATEMAXPEGAMOUNT, however, it is not entirely eliminated. Impact Email address...
Upgraded Q -> 2 from #341 [1705001382135]
Judge has assessed an item in Issue 341 as 2 risk. The relevant finding follows: L03: Auction parameters can be changed during an auction
TRANSACTION EXECUTION IS DoS IN THE CROSS-CHAIN GOVERNANCE CONTRACTS AND IN THE GNOSIS SAFE COMMUNITY MULTISIG TRANSACTION CHECKS SINCE THE WRONG payload IS EXTRACTED FROM THE data BYTES ARRAY
Lines of code Vulnerability details Impact The GuardCM.verifyBridgedData function is used to verify the bridged data for authorized combinations of targets and selectors in the Gnosis Safe community multisig. The data payload is passed into the verifyBridgedData function which is then unpacked...
In FxERC20RootTunnel, there is no option to get bridged tokens back in case the transaction can not be executed on L2
Lines of code Vulnerability details Impact If the transaction on L2 fails to be executed the tokens deposited on L1 will be lost since there is no way to recover them Proof of Concept When calling FxERC20RootTunnel:: withdraw the users deposits a certain amount of tokens to the bridge that he wan...
THE EXECUTION OF THE GOVERNANCE ACTIONS (CONTINUOUS TRANSACTIONS PACKED TOGETHER) ON GNOSIS CHAIN COULD DoS, IF A SINGLE MALICIOUS target CONTRACT REVERTS THE TRANSACTION
Lines of code Vulnerability details Impact In the HomeMediator.processMessageFromForeign function the data variable is passed into the function. The issue here is that set of continuous transactions can be packed into a single buffer and executed in the function. The data variable is parsed insid...
Upgraded Q -> 2 from #549 [1704652745528]
Judge has assessed an item in Issue 549 as 2 risk. The relevant finding follows: L-02 The first piece created can pass quorumVotes without any votes if totalSupply of ERC20 votes is zero
Upgraded Q -> 2 from #8 [1703832984112]
Judge has assessed an item in Issue 8 as 2 risk. The relevant finding follows: Remove WLP from whitelist should not block user from removing WLP
malicious borrowers can follow reclaimLiquidity() then execute addPremium() to invalidate renewalCutoffTime
Lines of code Vulnerability details Vulnerability details LP can set renewalCutoffTime=block.timestamp by executing reclaimLiquidity, to force close position function liquidatePosition DataStruct.ClosePositionParams calldata params, address borrower external override nonReentrant ... if...
openPosition() use stale feeGrowthInside0LastX128/feeGrowthInside1LastX128
Lines of code Vulnerability details Vulnerability details When openPosition, we need to record the current feeGrowthInside0LastX128/feeGrowthInside1LastX128. And when closing the position, we use Base.getOwedFee to calculate the possible fees generated during the borrowing period, which are used ...
Api3OracleReader may be unavailable up to 1 hour if the timestamp of the price from the Api3Server is bigger than the current block.timestamp
Lines of code Vulnerability details Impact Oracle unavailable for up to 1 hour, which could lead to positions going underwater and being liquidated when it becomes live again, without users having the chance to repay/collateralize. Proof of Concept The airnode code has a note concerning this...
Incorrect Termination Condition
Lines of code Vulnerability details The provided termination condition if pos = size / 2 && pos = size is incorrect. This condition is not suitable for terminating the maxHeapify function. It should instead be based on comparing values in the heap to ensure the max heap property. The condition if...
Business Logic Vulnerability in dropTopVotedPiece Function
Lines of code Vulnerability details Potential Risk: The dropTopVotedPiece function in the CultureIndex contract allows the dropperAdmin to drop the top-voted piece. While the function checks if the caller is the dropperAdmin, there is a potential business logic vulnerability. The function only...
Overflow potential
Lines of code Vulnerability details Overflow: Be cautious about integer overflow when incrementing size. Depending on how the size variable is used in your contract, it might be beneficial to check for potential overflow conditions. requiresize typeuint256.max, "Heap size exceeds maximum"; Assess...
_verifyVoteSignature wrong implementation
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. voteHash = keccak256abi.encodeVOTETYPEHASH, from, pieceIds, noncesfrom++, deadline; here we are using noncesfrom++ for calculating voteHash but different from address can have the same noncesfrom++...
Input Validation for createPiece Function
Lines of code Vulnerability details Potential Risk: The createPiece function in the CultureIndex contract takes two parameters: metadata and creatorArray. While the function calls the validateCreatorsArray and validateMediaType functions to validate the input data, it does not verify whether the...
If the borrower enters token blacklist, LP may never be able to retrieve Liquidity
Lines of code Vulnerability details Vulnerability details Currently, there are two ways to retrieve Liquidity 1. borrower actively close position : call closePosition 2. be forced liquidation leads to close position : liquidatePosition - closePosition No matter which one, if there is a profit in...
Decimals of LendingPool don't take into account the offset introduced by VIRTUAL_SHARES
Lines of code Vulnerability details Impact The impact of this finding is more on the marketing/data fetching side, on exchanges it would appear that the shares are worth less VIRTUAL_SHARES than the underlying token. Given that it would influence the perception of the value of the shares token,...
Some buyers won't get expected tokens minted due to precision loss
Lines of code Vulnerability details Impact The ERC20TokenEmitter.buyToken mints tokens according to the configured bps per address. This is due to the below code's implementation in buyToken function. for uint256 i = 0; i 0 // transfer tokens to address mintaddressesi, uint256totalTokensForBuyers...
If the NFT is because the auction is not met the reservePrice in _settleAuction() function, during the auction the totalSupply of erc721VotingToken is get in the quorumVotes, leading that the piece cannot be dropped
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Tools Used Recommended Mitigation Steps Assessed...
InitCore.liquidate will revert in case if poolOut is paused for collateral
Lines of code Vulnerability details Proof of Concept InitCore.liquidate function tries to check, that provided poolOut variable is valid pool of protocol. It does it using vars.config.isAllowedForCollateral check. As you can see, in case if poolOut will be paused as collateral for the mode, then...
Using block.timestamp as the deadline/expiry invites MEV
Lines of code 307 Vulnerability details Passing block.timestamp as the expiry/deadline of an operation does not mean "require immediate execution" - it means "whatever block this transaction appears in, I'm comfortable with that block's timestamp". Providing this value means that a malicious mine...
Calls to get_virtual_price() are vulnerable to read-only reentrancy
Lines of code 117 Vulnerability details get_virtual_price was originally considered to be a manipulation-resistant price - suitable as a price oracle, but it was later found to be vulnerable to a read-only reentrancy attack, where the Curve contract could be put into a partially-modified state, and...
Some tokens may revert when zero value transfers are made
Lines of code 356, 371, 145, 272, 252, 116, 445, 374, 506, 488 https://github.com/Tapioca-DAO/tap-token-audit/blob/59749be5bc2286f0bdbf59d7ddc258ddafd49a9f/contracts/options/TapiocaOptionBroker...
Small positions are allowed in the system that are not profitable for liquidators
Lines of code Vulnerability details Proof of Concept When someone borrows, then he can borrow any assets amount that he would like. In the end function will check that position is healthy, which means that user has enough collateral amount to cover borrowed amount. The problem is that this functi...
Unchecked return value of low-level call()/delegatecall()
Lines of code 120, 141, 411, 184, 160, 189, 152, 444, 625, 638 https://github.com/Tapioca-DAO/tapioca-bar-audit/blob/2286f80f928f41c8bc189d0657d74ba83286c668/contract...
Should count pending harvest reward and already harvested reward as collateral credit if the collateral is WLP
Lines of code Vulnerability details Impact Should count pending harvest reward and already harvested reward as collateral credit if the collateral is WLP Proof of Concept User can use WLP as collateral, even use WLP purely as collateral to borrow fund from lending pool the collateral worth of WLP...
Users can add 6 decimal token funds for free
Lines of code Vulnerability details There is a logic error in convertDecimals function which means wrapping interactions for tokens with less than 18 decimals are processed incorrectly. The below is triggered in convertDecimals where the input parameter decimals is less than 18. If amountToConver...
ERC721 and ERC1155 Reentrancy Guard is Incomplete and Wrongly Implemented
Lines of code Vulnerability details Impact Whether there is a ERC721 and ERC1155 Interaction clash or not, or if there is an inadequate transfer callback, all this would not matter as reversion would not occur due to absence of proper validation during wrap of ERC721 and ERC1155 in the Ocean.sol...
Core function of Ocean contract like doInteraction | doMultipleInteractions | forwardedDoInteraction may revert under certain conditions
Lines of code Vulnerability details Impact Core functions like doInteraction, forwardedDoInteraction, doMultipleInteractions, forwardedDoMultipleInteractions etc, will always revert under certain conditions due to overflow in calculations. Proof of Concept Core external functions like doInteracti...