ProcessedCalls event missing transaction hash

Lines of code Vulnerability details Summary The CrossChainRelayerArbitrum contract is missing the txHash parameter in the ProcessedCalls event. Impact The txHash is used to identify the transaction that was processed. Without this parameter, it will be impossible to know which transaction was...

Relayer/executor-already-set Error in CrossChainRelayerArbitrum Contract

Lines of code Vulnerability details Summary The setExecutor function in the CrossChainRelayerArbitrum contract improperly reverts when the executor variable has already been set. Impact This bug could prevent the CrossChainRelayerArbitrum contract from properly setting the executor variable,...

NameWrapper: Wrapped to Unregistered to ignore PARENT_CANNOT_CONTROL

Lines of code Vulnerability details Impact owner of a wrapped node without CANNOTUNWRAP fuse can unwrap and set the ens.ownernode to zero to be an unregistered state if it happens, even if the node has PARENTCANNOTCONTROL fuse, the parent of the node can change the NameWrappwer.owner of the node...

NameWrapper: one can renew to DoS a Name

Lines of code Vulnerability details Impact Anyone with enough eth can make a name impossible to be used anymore Proof of Concept Below is a snippet of the proof of concept. The whole code can be found in this gist. And how to run test is in the comment in the gist. This proof of concept...

A registered contract won't earn fees if _recipient is a fresh address

Lines of code Vulnerability details Impact Users might fall victims of a false positive: if they use a fresh account as an NFT recipient during contract registration, the transaction won't revert, but the registered contract will never earn fees for the token holder. And since a contract can be...

There is no re-register o re-assign function

Lines of code Vulnerability details Impact There is no re-register or re-assign option for the smart contracts. Let's assume a smart contract is registered either through the register function with a new NFT minted or the assign function to an existing NFT. However, if somehow, the NFT is burned ...

Functions like AutoPxGmx.withdraw and AutoPxGmx.redeem do not provide effective slippage control

Lines of code Vulnerability details Impact As shown below, calling the AutoPxGmx.withdraw and AutoPxGmx.redeem functions would execute compoundpoolFee, 1, 0, true, which uses the hardcoded 1 as the amountOutMinimum input of the AutoPxGmx.compound function to further call the...

Potential uint underflow

Lines of code Vulnerability details Impact Potential underflow if shares is greater than totalSupply Proof of Concept Tools Used Manual review Recommended Mitigation Steps Before the following line, check if totalSupply is greater or equal to shares --- The text was updated successfully, but thes...

Possible lost msg.value in function distributeFees

Lines of code Vulnerability details Author: rotcivegaf Impact The function distributeFees don't checks if the tokenId exists and if the owner send value to the an non-exists tokenId, this one will stuck in the contract until the tokenId will minted, and take by the owner of the minted token that...

The check for msg.value in distributeFees is unnecessary and may cause error

Lines of code Vulnerability details Impact Transactions may fail because of this redundant check. Proof of Concept The function distributeFees will revert if msg.value == 0: function distributeFeesuint256 tokenId public onlyOwner payable if msg.value == 0 revert NothingToDistribute; balancestoken...

Upgraded Q -> M from #307 [1669043813221]

Judge has assessed an item in Issue 307 as M risk. The relevant finding follows: L-1. Wrong comparison sign Description The function swapAVAXForExactTokens will revert when msg.value amountsIn0 because amountsIn0 - msg.value will always cause underflow. Solidity version ^0.8.0 is used, so it will...

Slashing can prevent Protected Staking Pool depositors from redeeming their ETH

Lines of code Vulnerability details The documentation states that: The Protected Staking Pool is free from any slashing and leaking risk. While the penalties affect the node operator first, then the Fees and MEV Pool stakers, if the slashing amount is higher, it will also impact the Protected...

Med: withdrawDETH is not functional for array lengths greater than one.

Lines of code Vulnerability details Description The withdrawDETH function is used in GiantSavETHVaultPool to burn user's LP tokens and grant them dETH. It loops over all input vaults and all input LPTokens, and for each one calls lpTokenETH.burnmsg.sender, amount; Before that, it uses...

bringUnusedETHBackIntoGiantPool in GiantSavETHVaultPool can be used to steal LPTokens

Lines of code Vulnerability details Impact real LPTokens can be transferred out of GiantSavETHVaultPool through fake savETHVaults provided by an attacker. Proof of Concept bringUnusedETHBackIntoGiantPool takes in savETHVaults, lpTokens, and burns certain amount olpTokens. The tokens are thoroughl...

Theft of ETH that was not used for the successful execution of orders

Lines of code Vulnerability details Description There are execute and bulkExecute functions in Exchange smart contract. There is the refund of any ETH that was unused for example that was left due to the unsuccessful order execution at the end of its execution flow: returnDust; returnDust functio...

Upgraded Q -> M from #348 [1668468155840]

Judge has assessed an item in Issue 348 as M risk. The relevant finding follows: L01 Wrong parameter order inside beforeTokenTransfer in LBtoken::burn call should be beforeTokenTransferaccount, address0, id, amount; --- The text was updated successfully, but these errors were encountered: All...

Exchange's _returnDust() does not validate return value of call() to send excess ETH to sender.

Lines of code Vulnerability details Impact When a caller to Exchange's execute or bulkExecute includes more ETH than is required to complete the transactions, returnDust is intended to return this excess back to the caller. However, returnDust does not validate that the call it performs to return...

Upgraded Q -> M from #474 [1668467584757]

Judge has assessed an item in Issue 474 as M risk. The relevant finding follows: L-01 Flashloan fee is not validated flashLoanFee is determined at LBFactory's constructor as; constructoraddress feeRecipient, uint256 flashLoanFee setFeeRecipientfeeRecipient; flashLoanFee = flashLoanFee; emit...

#bulkExecute() can reenter to steal funds

Lines of code Vulnerability details Impact ExchangebulkExecute can reenter, and internal execution of delegatecall is allowed to fail, not revert, malicious users can reenter to steal funds Proof of Concept Assumptions: There is a malicious user alice,with NFT for sale, paid through eth If user b...

ETH amount that is trapped in LooksRareAggregator contract can be withdrawn by user who is not LooksRareAggregator's owner

Lines of code Vulnerability details Impact When ETH amount is trapped in the LooksRareAggregator contract, such as when someone accidentally sends some ETH to it, the owner of the LooksRareAggregator contract has the privilege to call the rescueETH function to transfer such amount to a proper...

The owner of the contract can broke the storage of the LooksRareAggregator contract

Lines of code Vulnerability details Impact The owner of the contract can broke the storage of the LooksRareAggregator contract Proof of Concept The addFunction function - can be called by the owner to to set proxy address and function selector for the function to be called inside this proxy. This...

internalCall modifier can be circumvented with execute / bulkExecute

Lines of code Vulnerability details Impact The internalCall modifier ensures that public functions can only be called from another public function and not directly. It is implemented like that: modifier internalCall requireisInternal, "This function should not be called directly"; ; The modifier...

The bulkExecute function does not bypass failed executions.

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. According to the documentation, "Add bulk execute function; attempted executions that fail should be bypassed". However, the implementation of bulkExecute does not conform to this spec. Fail executions...

Upgraded Q -> M from #107 [1668211909800]

Judge has assessed an item in Issue 107 as M risk. The relevant finding follows: L-01 WardenPledge inherits Ownable instead of Owner The contract imports Owner.sol but inherits Ownable - should both import and inherit Owner --- The text was updated successfully, but these errors were encountered:...

Upgraded Q -> M from #43 [1668210521611]

Judge has assessed an item in Issue 43 as M risk. The relevant finding follows: Q-02 - Huge trust assumption in recoverErc20 Reward tokens are transferred into this contract when a pledge is created. The comment notes " Recovers ERC2O tokens sent by mistake to the contract", but this function can...

Potential DoS when closing a credit nominated in ETH in the LineOfCredit contract

Lines of code Vulnerability details When closing a credit that was issued in ETH, the LineOfCredit contract will send the lender his deposit and any accrued interests using the address.transferamount function, which may fail and revert the whole function, leading to an eventual DoS. Impact The...

Borrower can put their address when submiting addCredit() which can make the lender not be able to withdraw tokens

Lines of code Vulnerability details Impact when calling addCredit by borrower, they can choose to put in their address as the lender instead of the actuall lender. this can bring problems later on when the lender is trying to withdraw funds from the contract. they wont be able to withdraw the fun...

Using keccak256(abi.encoded()) can result in collisions

Lines of code Vulnerability details Proof of Concept The code in mutualConsent makes use of keccak256abi.encodePacked but this can result in a collision when the arguments of abi.encodePacked are aligned in a way that gives the same result. Impact Having hash collisions in mutualConsent...

Closing an unexisting credit can overflow the credit count variable in the LineOfCredit contract

Lines of code Vulnerability details The LineOfCredit contract doesn't verify if a credit exists and is properly initialized when closing it, and will update its state anyway, leading to an inconsistent count. Impact The close function in the LineOfCredit contract doesn't check if the given credit...

L1ERC20Bridge does not have an emergency stop mechanism to pause the bridge in case of any problems found.

Lines of code Vulnerability details Impact Right now, L1ERC20Bridge implements nonReentrant and access control mechanism to improve security. However, there is not any emergency stop mechanism that can be triggered by an authorized account to pause the bridge in case of some problems. It is highl...

WHEN EVER CALLING bridgeMint OR bridgeBurn FUNCTIONS NEED TO CHECK THE STATUS OF THE TRANSACTIONS

Lines of code Vulnerability details Impact If not checking the status of the bridgeMint and bridgeBurn functions we don't know the the transactions are success or not. If function breaks any of the reasons we don't what happened and what is the status of the transactions. there is no solutions...

Any use of fee-on-transfer tokens as quote tokens in auctions will result in freeze or loss of funds for users.

Lines of code Vulnerability details Description SIZE auctions do not support fee-on-transfer tokens. The platform rejects taxed baseToken during createAuction: // Passes https://github.com/transmissions11/solmate/blob/main/src/utils/SafeTransferLib.solL9 // Transfer base tokens to auction contrac...

Refinalization with theft of funds from other auctions

Lines of code Vulnerability details Vulnerability details Description There is a finalize function in the SizeSealed smart contract. The function traverses the array of the bids sorted by price descending. There is a prevention of the refinalization by the modifier atStateidToAuctionauctionId,...

Solmate's safeTransfer function does not check the existence of the contract

Lines of code Vulnerability details Impact Miscalculation of transferred funds and finally, loss of funds Proof of Concept Solmate's safeTransfer and safeTransferFrom functions do not check the ext code size of the address of the recipient and so, it may lead to a miscalculation of funds as it...

A bidder can buy baseToken with low price by exploiting the DOS prevention measure

Lines of code Vulnerability details Impact In order to prevent DOS attacks, the smart contract introduces a measure that limits the number of bids on an auction SizeSealed.solL157-L159. However, an attacker/bidder can exploit this measure to block others to place bids so that the attacker can buy...

Attacker can drain the SizeSealed.sol contract.

Lines of code Vulnerability details Impact An attacker can drain the SizeSealed.sol contract buy creating fake auction and manipulating some contract logic. POC Assuming that the SizeSealed.sol initially contains 10000 DAI tokens, I’ll demonstrate how an attacker can steal these tokens. The bug i...

Attacker can steal any funds in the contract by state confusion (no preconditions)

Lines of code Vulnerability details HIGH: Attacker can steal any funds in the contract by state confusion no preconditions LOC: Description Auctions in SIZE can be in one of several states, as checked in the atState modifier: modifier atStateAuction storage a, States state if block.timestamp...

Contracts will not working correctly after February 2106. Vesting will be locked forever if withdrawn after February 2106.

Lines of code Vulnerability details Impact Contracts will not working correctly after February 2106. Migration takes costs and is risky. You shouldn't pass on this work to future programmers. You should fix it in the first place. In case anything went wrong during migration, a big fund loss will...

Cross-chain replay attacks are possible with create2()

Lines of code Vulnerability details Impact Mistakes made on one chain can be re-applied to a new chain There is no chain.id in the create2 function data If a user does create2 using the wrong network, an attacker can replay the action on the correct chain, and steal the funds a-la the wintermute...

No incentive mechanism for allowed senders to call finalizeWithdrawal on behalf of withdrawers.

Lines of code Vulnerability details Impact Since finalizeWithdrawal is a permissioned function, if there are no mechanism in place for allowed senders to trigger it, withdrawers would not able to receive their funds in a timely fashion. Proof of Concept The withdrawal functions such...

Upgraded Q -> H from 502 [1667614581063]

Judge has assessed an item in Issue 502 as High risk. The relevant finding follows: --- The text was updated successfully, but these errors were encountered: All reactions...

Owner can steal all the rewards token from the WardenPledge.sol smart contract and break the internal accounting

Lines of code Vulnerability details Impact The owner of the WardenPledge.sol smart contract can steal all the reward tokens from the contract and break the internal accounting. With the recoverERC20 function, the owner can transfer to him/herself the whole balance of the token. The check at L654...

Reuse of previous voting difference in extendPledge() charges too much fees

Lines of code Vulnerability details Description In Warden Pledge, creators can extend the life span of an existing pledge using extendPledge. Here's the implementation: uint256 addedDuration = newEndTimestamp - oldEndTimestamp; ifaddedDuration maxTotalRewardAmount revert...

Can steal Fed contract's DOLA balance

Lines of code Vulnerability details Description Due to lack of protection control, it is possible to steal Fed contract's DOLA balance by using a malicious attackerMarket contract by callingFedtakeProfit public function. function takeProfitIMarket market public uint profit = getProfitmarket;...

Pledge creator can extend pledge without paying in edge cases.

Lines of code Vulnerability details Impact Pledge creator can extend pledge without paying in edge cases. Proof of Concept When pledge creators wants to extend their pledges, they must transfer an additional reward amount and fee: uint256 totalRewardAmount = pledgeParams.rewardPerVote...

Owner can drain pledged tokens balance with recoverERC20 function

Lines of code Vulnerability details Impact The recoverERC20 function allows the owner to withdraw the ERC20 tokens sent by acceident to the contract but it doesn't allow him to withdraw pldged tokens, the owner though could use the removeRewardToken function to remove a token used currently in a...

A single point of failure is not acceptable for this project

Lines of code Vulnerability details Impact The pause function on WardenPledge.sol has a single point of failure and onlyOwner can stop all project. Owner is not behind a multisig and changes are not behind a timelock.This information hasnt got in documents Even if protocol admins/developers are n...

recoverERC20 can drain user's funds

Lines of code Vulnerability details recoverERC20 function is deployed so users who have accidently sent erc20 tokens to the contract be able to recover them. recoverERC20 uses ifminAmountRewardTokentoken != 0 revert Errors.CannotRecoverToken; to check if token was set to one of the RewardTokens o...

[M1] Owner can steal any createdPledge's tokens

Lines of code Vulnerability details Impact Malicious owner can steal any created pledge even to drain the whole contract Proof of Concept Functions like recoverERC20 are good to recover tokens accidentally transferred to a contract. The common approach for these function is to exclude real tokens...

Wrong reward calculation when reward token's decimals are different than 18

Lines of code Vulnerability details Impact When a user creates a pledge, she can specify the maximum amount of the Total Rewards and the maximum amount of fee amount she is willing to spend. By using the rewardPerVote, the vars.votesDifference and the vars.duration the smart contract calculates...