[NAZ-M3] Use safeTransferFrom() instead of transferFrom() for ERC721 transfers
Lines of code Vulnerability details Impact The transferFrom method is used instead of safeTransferFrom, presumably to save gas. I however argue that this isn't recommended because: OpenZeppelin's documentation discourages the use of transferFrom, use safeTransferFrom whenever possible. Given that...
TokenDistributor: ERC777 tokensToSend hook can be exploited to drain contract
Lines of code Vulnerability details Impact TokenDistributor.createERC20Distribution can be used to create token distributions for ERC777 tokens which are backwards-compatible with ERC20. However, this introduces a reentrancy vulnerability which allows a party to get the tokens of another party. T...
NFT flashloan against governance voting
Lines of code Vulnerability details Impact Specifically, to support a proposal, the voting power is counted at the time of the proposal creation time. However, there are multiple services that support NFT flashloan, e.g., NFTuloan . Since the voting power is counted as the proposal creation time,...
Contracts that lock Ether
Lines of code Vulnerability details Impact When the receive function doesn't revert, all ether sent to the contract will be locked forever. Proof of Concept Bob sends ether to the contract, the funds are locked forever and Bob loses money. Tools Used manually Recommended Mitigation Steps Remove the payable...
NFT could be locked in settlement
Lines of code Vulnerability details Impact transferFrom is used to transfer the NFT in settlement. If the receiver is a contract without an appropriate way to handle the NFT, the NFT might be locked in there and non-retrievable. Proof of Concept There is no check if the receiver can deal with the NFT if it ...
Loss of precision will lock portions of tokens
Lines of code Vulnerability details Impact When the initial balance of a redemption reward token is smaller than the base, small amounts of the token will be rounded down to zero, meaning small-amount users will get nothing for redeeming tokens. Broken accounting means high severity Proof of...
High Potential Redeem function can not be executed because of revert
Lines of code Vulnerability details Impact Inside TribeRedeemer constructor tokensReceived is initialized, and can't be modified anywhere else. previewRedeem function will check balance of tokensReceived tokens of TribeRedeemer contract, and there is a require statement which guarantees that the...
Unbounded loop on array can lead to DoS
Lines of code Vulnerability details Description: As this array can grow quite large, the transaction's gas cost could exceed the block gas limit and make it impossible to call this function at all Actual Codes used: src/Swap/BaseV1-core.sol:96: observations.pushObservationblock.timestamp, 0, 0,0;...
Possible division loss during LpPricesCumulative calculation
Lines of code Vulnerability details Impact During the token0TVL calculation, it divides by decimals without multiplying 1e18 first. So there might be division loss and the price might be calculated wrongly. Proof of Concept When we calculate this part, it divides first without multiplying 1e18...
Hardcoded prices are subject to be abused
Lines of code Vulnerability details Impact Hardcoded prices are subject to abuse, which might lead to the protocol being drained. Proof of Concept There are 2 possible different issues of the Lending Protocol; 1. The attack surface/risk is not originated directly through the Canto protocol but...
_getPriceDecimals() can return wrong decimal
Lines of code Vulnerability details Impact The decimal returned from function getPriceDecimals is used in function activate to create bond market. If the decimal is not accurate, the price for bond can be wrong, could result in: too low price: abnormal arbitrage opportunity and fund loss to the...
USER CAN BLOCK GOVERNANCE VOTING BY SUBMITTING MULTIPLE PROPOSALS
Lines of code Vulnerability details Impact A user can submit multiple proposals and then endorse each one of them to be able to activate them, and because the Governance contract allows only one active proposal, this user will be able to always activate his proposals and thus not allow any othe...
Operator role can update a policy without going through the governance / kernel update execution mechanism
Lines of code Vulnerability details Impact A privileged role can make contract updates that should go through governance Proof of Concept In OlympusDao updates to policies and modules are made by the kernel and are only callable by the governanceExecutors that only executes updates voted by the...
Governance functions relies on the proposal Id which says nothing about the proposal content
Lines of code Vulnerability details Impact There are submitProposal/endorseProposal/activateProposal functions on the Governance smart contract. The functions accept the proposed, which does not contain any information about the proposal. As a result, transactions of users can be front-ran. Proof...
The attacker consumes the contract's balance by controlling the gas-price or gas-used.
Lines of code Vulnerability details Impact The attacker consumes all of the contract's balance by controlling the gasPrice and gasUsed. Proof of Concept function refundGasuint256 startGas internal unchecked uint256 balance = addressthis.balance; if balance == 0 return; uint256 gasPrice =...
Check the return of .call when sending Ether
Lines of code Vulnerability details Impact It's considered a best practice to always check the return of the transaction when sending Ether with .call, since it's possible for a tx failure due to external factors out of the contract control. Currently, the contract emits an event with the result...
malicious attacker can manipulate another delegator vote
Lines of code Vulnerability details Impact The function ERC721Checkpointable.delegate is used to change and delegate to another account and it calls an internal function delegate which will change the delegator of the msg.sender and it will also call another internal function moveDelegates which...
Timelock can be set by anyone except admin since it was not initialize
Lines of code Vulnerability details Impact Timelock can be manipulated by anyone Proof of Concept Timelock NounsDAOExecutor can be set by anyone since timelock was not set with acceptAdmin on initialize so it can be manipulated. Tools Used Manual Review Recommended Mitigation Steps Adding...
Users will never receive their borrow amount after tx the collateral
Lines of code Vulnerability details Impact You are not able to receive any borrowed amount after adding collateral via addCollateral Proof of Concept By invoking addCollateral you will transfer an amount of collateralAmount to the Pair But you will not receive any borrowed amount Recommended Mitigation Steps Invoke...
Pair still operational during pause
Lines of code Vulnerability details Pair still operational during pause Severity: High Context: FraxlendPairCore.solL660 FraxlendPairCore.solL676 FraxlendPairCore.solL786 FraxlendPairCore.solL828https://github.com/code-423n4/2022-08-frax/blob/c4189a3a98b38c8c962c5ea72f1a322fb...
Multiplication performed after division can truncate the results
Lines of code Vulnerability details Multiplication performed after division can truncate the results Impact Solidity could truncate the results, performing multiplication before division will prevent rounding/truncation in solidity math. Details This can affect variables such as slopes, interests...
Math operation, condition check with two different data values (uint256 with uint128 and so).
Lines of code Vulnerability details Impact It may lead to unexpected results during math operations and condition checks. Proof of Concept It is obvious that the following lines of code are written with two different data types. uint256 deltaTime = block.timestamp - currentRateInfo.lastTimestamp;...
Even if the _isBorrowerWhitelistActive is not active, contract can get deployed if _maxLTV < LTV_PRECISION
Lines of code Vulnerability details Impact FraxlendPairCore can get deployed even if isBorrowerWhitelistActive is not active. Proof of Concept if maxLTV = LTVPRECISION && !isBorrowerWhitelistActive revert BorrowerWhitelistRequired; The above condition reverts only when both conditions are true. In case,...
Creator can be incorrectly paid because of array truncate when distributing mint fee.
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. The creatorRecipient and creatorShares can be forcefully truncated to a fixed length. And the truncated creator is not paid. Proof of Concept Provide direct links to all referenced code in GitHub. Add...
Checkpoint end time is not correct.
Lines of code Vulnerability details Checkpoint end time is not correct. Impact The user's voting power can be significantly decreased. Proof of Concept At L513 of VotingEscrow.sol, when we increase unlock time, oldLocked.end should be oldUnlockTime instead of unlocktime. We can double-check it fr...
FETH.sol is susceptible to ERC20 approve functionality front-running exploit
Lines of code Vulnerability details Proof of concept The problem is perfectly described here The tldr; is that if you approved a person to spend 100 tokens and then you want to decrease his allowance to 50, if he spends his 100 tokens allowance before you set his allowance to 50 he will be able t...
VotingEscrow: Unsupported fee-on-transfer tokens
Lines of code Vulnerability details Impact In the VotingEscrow contract, if the token is a fee-on-transfer token, the number of tokens received by the contract in the createLock and increaseAmount functions will be less than value. This makes the locked balance recorded by the contract incorrect,...
User can have full voting power with virtually no lockup using multiple locks and delegation
Lines of code Vulnerability details Impact User receives voting power of max lock but only locks for a minimal amount of time Proof of Concept In VotingEscrow.solcheckpoint, the duration of the delegatee and the total delegated tokens are used to determine the amount of voting power that a lock...
MIMOProxy: The execute function needs to verify that _initialized > 0
Lines of code Vulnerability details Impact In order to avoid changing the owner during the delegatecall, the execute function of the MIMOProxy contract will check the owner before and after the delegatecall. But if initialized is changed to 0 during the delegatecall process, the MIMOProxy contrac...
The lazy update of _currentProxies results in non-owners being able to execute functions that require owner privileges
Lines of code Vulnerability details Impact In the MIMOProxyRegistry contract, the getCurrentProxy function returns the address of the mimoProxy contract corresponding to the owner's address in currentProxies. function getCurrentProxyaddress owner external view override returns IMIMOProxy proxy...
Possible signature replay in updateTaskHash() and updateProjectHash() function
Lines of code Vulnerability details Impact In updateProjectHash function, the data encoded only hash and nonce value but not the projectAddress. In case builder had 2 or more projects, the signature that builder used in updateProjectHash can also be used in other projects by attackers. bytes memo...
Use call() instead of transfer() when transferring ETH in DebtToken
Lines of code Vulnerability details Impact When transferring ETH, use call instead of transfer. The transfer function only allows the recipient to use 2300 gas. If the recipient uses more than that, transfers will fail. In the future gas costs might change increasing the likelihood of that...
Builder can reduce his debt more than expected by replaying signature
Lines of code Vulnerability details Impact A builder can, after it convened with the lender and an external agent to reduce his debt through escrow, reuse the signature and pass it again to escrow many times. This allows him to reduce his debt more than expected, leaving the lender at a loss. Pro...
Approval from non-zero to non-zero amount can lead to DoS
Lines of code Vulnerability details Impact Some tokens like USDT do not work when changing the allowance from an existing non-zero allowance value. They must first be approved to zero and then the actual allowance must be approved. Proof of Concept The following function uses an unsafe approval...
Potential scenario where an attacker can steal a user's gas refund
Lines of code Vulnerability details Impact Anybody is allowed to add gas for a specific tx. I was trying to figure out whether the following scenarios are possible: 1. Alice sends a public tx where she deposits some gas and calls the gateway contract after 2. Bob, the attacker, catches that...
Impossible to add ve in RewardDistributor
Lines of code Vulnerability details Impact Starting from ve == 0, we call addVoteEscrow. function addVoteEscrowaddress voteEscrow external onlyOwner if addressve == address0 ve = VEpendingVoteEscrow; else voteEscrowEnableDate = block.timestamp + 1 days; pendingVoteEscrow = voteEscrow; The functio...
A NFT can be delegated to many NFTS
Lines of code Vulnerability details In VoteEscrowDelegation.sol in the function delegate, there is no check whether the tokenId NFT has already been delegated. Thus it is possible to delegate voting power multiple times. It's even possible to self-delegate tokenId = toTokenId multiple times. By...
removeDelegation acts on wrong token
Lines of code Vulnerability details Impact The function removeDelegationtokenId currently tries to remove tokenId from the list of tokens delegated to itself. The correct behavior would be to get which token tokenId is delegated to, and remove tokenId from the delegations to that token. Since...
High risk with links to code
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Tools Used Recommended Mitigation Steps --- The...
CALL() should be used instead of TRANSFER() on an address payable
Lines of code Vulnerability details Impact The use of the deprecated transfer function for an address will inevitably make the transaction fail when: 1 The claimer smart contract does not implement a payable function. 2 The claimer smart contract does implement a payable fallback which uses more...
[PNM-002] The expiry of the parent node can be smaller than the one of a child node, violating the guarantee policy
Lines of code Vulnerability details Description By design, the child node's expiry can only be extended up to the parent's current one. Adding these restrictions means that the ENS users only have to look at the name itself's fuses and expiry without traversing the hierarchy to understand what...
Liquidator cut is calculated incorrectly
Lines of code Vulnerability details Impact User can call payBase function to pay debt in return for collateral. But due to incorrect calculation User will obtain lesser collateral than what he should actually receive causing immediate permanent loss Proof of Concept 1. User calls payBase function...
Multiple auction can run on same vault - Collateral loss
Lines of code Vulnerability details Impact Due to insufficient checks, it is possible to run 2 auctions at the same time. This can lead to loss of collateral for this vault as the collateral quantity placed for auction will double Proof of Concept 1. User starts auction on vault id 1 which transfers...
If baseJoin's available balance is greater than callers' amount no underlying will be transferred.
Lines of code Vulnerability details Impact If the caller's amount is greater than baseJoin's available balance no underlying will be transferred but the caller still gets liquidatorCut. This may also negatively impact the accounting since it's updated under the assumption that the caller will transfer...
Vault owners can grief auctioneers by cancelling auctions
Lines of code Vulnerability details Since auctioneers are only paid keeper incentives on successful bids, a malicious vault owner can grief auctioneers by creating a risky vault, luring an auctioneer to start an auction, and then immediately canceling it. This is a somewhat elaborate and risky...
Upgraded Q -> M from 279 [1657955636898]
Judge has assessed an item in Issue 279 as Medium risk. The relevant finding follows: ...
Upgraded Q -> M from 358 [1657932899986]
Judge has assessed an item in Issue 358 as Medium risk. The relevant finding follows: ...
Upgraded Q -> M from 253 [1657932404226]
Judge has assessed an item in Issue 253 as Medium risk. The relevant finding follows: ...
Swivel.setFee() is implemented wrongly.
Lines of code Vulnerability details Impact Swivel.setFee is implemented wrongly. Swivel.feenominators won't be set as expected. Proof of Concept This function has a parameter "i" for the index of the new fee denominator but it isn't used during the update. Tools Used Solidity Visual Developer of...
ISwivel.authRedeem() doesn't have an implementation in Swivel.sol
Lines of code Vulnerability details Impact ZcToken.withdraw and ZcToken.redeem will always revert because Swivel.sol doesn't contain authRedeem function. Proof of Concept ZcToken.withdraw and ZcToken.redeem call MarketPlace.authRedeem and ISwivelswivel.authRedeem isn't implemented. I think...