Upgraded Q -> M from 340 [1657877639047]

Judge has assessed an item in Issue 340 as Medium risk. The relevant finding follows: --- The text was updated successfully, but these errors were encountered: All reactions...

With most functions in VaultTracker.sol, users can call them only once after maturity has been reached.

Lines of code Vulnerability details Impact With most functions in VaultTracker.sol, users can call them only once after maturity has been reached. So from the second call of any functions after maturity, it will revert and users might lose their funds or interests. Proof of Concept The main probl...

Incorrect check for signature malleability

Lines of code Vulnerability details Impact Sig.recover has an Incorrect check: c.v != 27 || c.v != 28. Thus, Sig.recover always reverts. Proof of Concept c.v != 27 || c.v != 28 is always true function recoverbytes32 h, Components calldata c internal pure returns address // EIP-2 and malleable...

Migration Module: After successful migration, ERC20 assets can be thrown away by anyone

Lines of code Vulnerability details Impact HIGH - Assets can be lost directly After proposal and proposed buyout is successful, anyone can transfer ERC20 asset in the vault to the zero address and the asset will be lost. Proof of Concept proof of concept: testAnyoneCanThrowERC20poc The proof of...

buyoutPrice precision is lost in Buyout's start and Migration's commit

Lines of code Vulnerability details Buyout's start now determine the price for buyout with the truncation to 1% of supply. When buyout initiator brings in the big enough amount of fractional tokens current formula can yield substantial mispricing of initiator's fractional tokens value, which will...

Royalty percentage in FERC1155 can be set to a value greater than 100%

Lines of code Vulnerability details Impact Function setRoyalties does not check that the value of percentage is less or equal to 100. Function royaltyInfo in L247 could return a royaltyAmount greater than salePrice. Proof of Concept This simple test shows how the controller can set a value of...

Buyout griefing can block almost all functionalities

Lines of code Vulnerability details Impact Everyone can start a Buyout for a vault by paying only 1 wei. For the next 4 days no other Buyout can start. If someone is fast enough, they can start another griefing buyout as soon as one finishes, meaning that it's possible to block the functionality ...

oldToken.transferOwnership() to contract may be irreversible

Lines of code Vulnerability details oldToken.transferOwnership to contract may be irreversible Proof of Concept JBTokenStore.sol 265-266: if newOwner != address0 && oldToken != IJBTokenaddress0 oldToken.transferOwnershipprojectId, newOwner; OpenZeppelin library Ownerable.sol: function...

Usage of insecure transfer/transferFrom

Lines of code Vulnerability details Proof of Concept This is a well known issue, the protocol uses at many parts the insecure transfer/safeTransfer for generic ERC20 tokens. Recommended Mitigation Steps Use OZ Safe Transfer --- The text was updated successfully, but these errors were encountered:...

State Variable Shadowing

Lines of code Vulnerability details Impact Check: shadowing-state Severity: High Confidence: High It is possible to use the same variable twice in Solidity, but it can lead to unintended side effects.The TestAllowance.sol contract inherits from TesTBaseWorkflow.sol. In the TestAllowance.sol...

In JBERC20PaymentTerminal.sol#_transferFrom(...) ignoring return value when IERC20(token).transferFrom(...)

Lines of code Vulnerability details In JBERC20PaymentTerminal.soltransferFrom... ignoring return value when IERC20token.transferFrom... Some of ERC20 token implementations return false upon unsuccess transfer like USDT token, this can lead to some unpredictable balances to rise up without actual...

Use of IERC20.transfer() instead of SafeERC20.safeTransfer()

Lines of code Vulnerability details Impact There are multiple external calls to IERC20.transfer and IERC20.transfer in contracts that suppose to transfer out tokens from/to the system. However, there are tokens like USDT that don't return any return value in their implementation of the transfer...

Upgraded Q -> M from 95 [1657055392912]

Judge has assessed an item in Issue 95 as Medium risk. The relevant finding follows: --- The text was updated successfully, but these errors were encountered: All reactions...

fund steal by crating a lot of bad long positions and then transferring NFT token of long position to all users and trick them(or by mistake) to click on exercise()

Lines of code Vulnerability details Impact when fillOrder is called code mints two PuttyV2 NFT token, one for Long position and one for Short Position and It's possible to transfer this NFT tokens to others. exercising unwanted bad Long positions can cause users to lose funds and tokens, for...

Any one can mint penny NFT to take some advantage

Lines of code Vulnerability details Any one can mint penny NFT to take some advantage Impact Some users might be taken advantage of, for those who long call or short put the floortoken, and finnally lead to loss of these users. Proof of Concept There is no control over the floortoken platform,...

Fee is being deducted when Put is expired and not when it is exercised.

Lines of code Vulnerability details Impact Fee is being deducted when Put is expired and not when it is exercised in PuttyV2.sol. Comment section of the setFee function mentions "fee rate that is applied on exercise" which signifies that the fee amount is meant to be deducted from strike only whe...

Not-yet-exist ERC20 Could Be Used Within An Order

Lines of code Vulnerability details Vulnerability Details It was observed that the PuttyV2 contract uses solmate's SafeTransferLib for pulling ERC20 assets from the order maker or taker to the PuttyV2 contract. There is some difference between the implementation of solmate's SafeTransferLib and...

Create a short call order with non empty floor makes the option impossible to exercise and withdraw

Lines of code Vulnerability details Impact HIGH - assets can be lost If a short call order is created with non empty floorTokens array, the taker cannot exercise. Also, the maker cannot withdraw after the expiration. The maker will still get premium when the order is filled. If the non empty...

Underlying asset price oracle for CToken in BaseV1-periphery is inaccuarte

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Underlying asset price oracle for CToken in BaseV1-periphery is inaccuarte Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that...

accountant and admin cannot be updated at Note.sol once accountant is initialized

Lines of code Vulnerability details Impact Once state variable accountant is set, accountant and admin will no longer be updated using setAccountantAddress function. Proof of Concept function setAccountantAddressaddress accountant external requiremsg.sender == admin; requireaddressaccountant ==...

Sending 1 wei of cNote to the treasury can malfunction sweepInterest()

Lines of code Vulnerability details function sweepInterest external override if msg.sender != admin revert SenderNotAdminmsg.sender; //Total balance of Treasury = Note + CNote Balance, Exp memory exRate = Expmantissa: cnote.exchangeRateStored; //used stored interest rates in determining amount to...

GovernorBravoDelegate.sol _initiate() can be called multiple times

Lines of code Vulnerability details Submitting as med risk because documentation inside functions shows that require is there for the purpose of preventing it being called again but is not working correctly, and since we do not have access to the timelock code I cannot fully assess the impact...

Upgraded G -> M from 49 [1656600225781]

Judge has assessed an item in Issue 49 as Medium risk. The relevant finding follows: --- The text was updated successfully, but these errors were encountered: All reactions...

getSupplyRate returns rate per year instead of per block

Lines of code Vulnerability details Impact According to the documentation in InterestRateModel, getSupplyRate has to return the supply rate per block and the function supplyRatePerBlock in CToken directly returns the value of getSupplyRate. However, the rate per year is returned for NoteInterest...

BURNER_ROLE can burn any amount of ERC20MinterBurnerDecimals from an arbitrary address

Lines of code Vulnerability details Vulnerability details Proof of Concept Using the burnCoins function of ERC20MinterBurnerDecimals, an address with BURNERROLE can burn an arbitrary amount of tokens from any address. We believe this is unnecessary and poses a serious centralization risk. A...

Upgraded Q -> M from 413 [1656341455160]

Judge has assessed an item in Issue 413 as Medium risk. The relevant finding follows: --- The text was updated successfully, but these errors were encountered: All reactions...

Upgraded Q -> M from 194 [1656339935656]

Judge has assessed an item in Issue 194 as Medium risk. The relevant finding follows: --- The text was updated successfully, but these errors were encountered: All reactions...

Upgraded Q -> H from 207 [1656344605107]

Judge has assessed an item in Issue 207 as High risk. The relevant finding follows: --- The text was updated successfully, but these errors were encountered: All reactions...

Upgraded Q -> M from 413 [1656340156818]

Judge has assessed an item in Issue 413 as Medium risk. The relevant finding follows: --- The text was updated successfully, but these errors were encountered: All reactions...

Upgraded Q -> M from 161 [1656344885887]

Judge has assessed an item in Issue 161 as Medium risk. The relevant finding follows: --- The text was updated successfully, but these errors were encountered: All reactions...

[H-03] Attacker can mint unbound amount of iPTs (on APWine)

Lines of code Vulnerability details Note that I've reported a similar vulnerability, on a different 'Principals' and POC\attack vector is a bit different. I will leave it to the judge to decide if these should be grouped as 1 report or not - but I wanted to be specific at the POC instead of...

Unable to redeem from Notional

Lines of code Redeemer.solL193 Vulnerability details Impact The maxRedeem function is a view function which only returns the balance of the Redeemer.sol contract. After this value is obtained, the PT is not redeemed from Notional. The user will be unable to redeem PT from Notional through...

User fund lose in addLiquidity() of LiquidityReserve by increasing (totalLockedValue / totalSupply()) to very large number by attacker

Lines of code Vulnerability details Impact Function addLiquidity suppose to do add Liquidity for the staking Token and receive lrToken in exchange. to calculate amount of IrToken codes uses this calculation: amountToMint = amount lrFoxSupply / totalLockedValue but it's possible for attacker to...

Principal token is not transferred

Lines of code Vulnerability details Impact When redeeming from APWine and Tempus here, the principal token is not transferred to the redeemer, so may be stuck on the lender contract. Proof of Concept Instead of Safe.transferFromIERC20u, lender, addressthis, amount; it should be...

[M-03] Wrong minting on lend for Tempus

Lines of code Vulnerability details Impact Will result in either failure to lend or loss of funds for the lender Proof of Concept Not very clear what was the original intention, but I find it hard to believe that subtracting the whole balanceOf iPTs from the return result from Tempus, is what was...

ERC5095 redeem must check allowance with principalAmount instead of underlyingAmount

Lines of code Vulnerability details Impact ERC5095 redeem must check allowance with principalAmount instead of underlyingAmount. Allowing any user to redeem token of anybody freely. This is very critical, anyone can lost their money everytime without their acknowledgement. Proof of Concept functi...

Transfer the original underlying token back to the user but actually transfer from lender to redeemer

Lines of code Vulnerability details Impact Transfer the original underlying token back to the user but actually transfer from lender to redeemer. Underlying token may be locked forever and user may not receive their fund after redeeming. Proof of Concept // Transfer the original underlying token...

In Notional case Redeemer's redeem() will not do the position redeeming

Lines of code Vulnerability details Currently no actual redeeeming is done in Notional case as maxRedeem is a balance view function that doesn't close the position. This way one more operation, the redeeming itself, is now committed and in Notional case Redeemer's redeem doesn't perform anything,...

Improper Upper Bound Definition on the Fee

Lines of code Vulnerability details Impact The feenominator does not have any upper or lower bounds. Values that are too large will lead to reversions in several critical functions or the platform user will lost all funds when paying the fee. Proof of Concept 1. Navigate to the following contract...

No check for set with address(0)

Lines of code Vulnerability details Impact can mint and get approve from address 0. Proof of Concept function setMarketPlaceaddress m external authorizedadmin returns bool if marketPlace != address0 revert ExistsmarketPlace; marketPlace = m; return true; Tools Used None Recommended Mitigation Ste...

Illuminate PT redeeming do not return underlying to a user

Lines of code Vulnerability details In the second step of two step redeeming process, the underlying funds should be located in the Redeemer contract as external system burned the shares the Redeemer obtained from the Lender contract and returned underlying to Redeemer. Then Redeemer's Illuminate...

sell() and buy() should not have whenNotPaused modifier

Lines of code Vulnerability details Impact Impacts are two fold: 1. admin should not be allowed to stop users from selling/cashing out their assets under any circumstance. 2. Due to poor timing or malicious admin activity, it could be the case that buy is put on pause right after initiateBuyout i...

_rejectBuyout() does not take buys and sells into account until next block, can lead to false effects due to timing

Lines of code Vulnerability details Impact Buyout that should be rejected will be allowed to happen. Proof of Concept Last user to call buy that could have pushed rejectBuyout to reject the buyout wont be accounted for because rejecBuyout is place before the minting of new tokens. Therefore even ...

Buys/sells will be front-run by MEV bots

Lines of code Vulnerability details Impact Since the value of the vault depends on the Bancor formula, it's important that transactions can't be front-run, because doing so, even for small amounts, will change the valuation price for subsequent buys/sells. The link the sponsor provided describes...

[PNM-005] Reentrancy of function sell

Lines of code Vulnerability details Description In function chargeFee, a potential reetrancy can be triggered by the factory. Since function sell invokes chargeFee in the middle of its function body, it potentially impacts the calculation, e.g., the totalSupply would be incorrect since the tokens...

whenNotPaused modifier missing

Lines of code Vulnerability details Impact whenNotPaused modifier is missing in both createBasket function NibblVaultFactory.solL80 and withdrawUnsettledBids function NibblVault.solL424 This means even when contract is in paused state this function will still be operational Note Other impacted...

_update function on deployment time isnt actually going to be 30 minutes and you can bypass it

Lines of code Vulnerability details Because timeElapsed = blocktimestamp , on deployment block.timestamp -point.timestamp it can be zero if some calls it right after deployment And block.timestamp 1800 which is true even though its not a pass 30 minutes mitigation have check that updated...

CNote: Attacker can frontrun the calling of _setAccountantContract and gain admin priviledges and insert a malicious accountant contract

Lines of code Vulnerability details Impact The function does not have access control before the accountant address is set, allowing anyone to call the function, gain admin privileges, and set the accountant address. Proof of Concept CNote.solL17 Recommended Mitigation Steps Include access control...

Only the state() of the latest proposal can be checked

Lines of code Vulnerability details Impact state function cannot view the state from any proposal except for the latest one. Proof of Concept requireproposalCount = proposalId && proposalId initialProposalId, "GovernorBravo::state: invalid proposal id"; Currently proposalCount needs to be bigger ...

Upgraded Q -> M from 225 [1655654402923]

Judge has assessed an item in Issue 225 as Medium risk. The relevant finding follows: C4-011 : Centralization Risk On The teamSummon Function - LOW Impact - LOW With the teamSummon function, owner can mint unlimited warriors. This poses a security risk. The max/min limit should be implemented at...