Anyone can mint to themselves type(uint96).max if _isVaultCollateralized() returns true

Lines of code Vulnerability details Impact There is no check that ensures the caller to mint is a trusted one. Moreover, there is a flaw which lets anyone to mint typeuint96.max number of shares Proof of Concept First, the mint function does not implement any check for the caller to be someone wi...

A Storage Write Removal Bug in contracts

Lines of code Vulnerability details Summary In fallbackLSP17Extendable, Calling functions that conditionally terminate the external EVM call using the assembly statements return... may result in incorrect removals of prior storage writes. Impact In LSP17Extendable.sol, fallbackLSP17Extendable is...

deposit function does not check for the maxMint amount.

Lines of code Vulnerability details Impact It is theoretically possible for the deposit amount to mint shares more than the maxMint amount Proof of Concept The deposit function has a check for maxDeposit and reverts if the deposit value is more than maxuint96. But, it does not check the shares to...

Missing External Transfer Function In Vault

Lines of code Vulnerability details Impact Balances of TwabController for a vault can not be transferred. Proof of Concept The Vault implements an internal transfer function meant to be used to transfer balances within the TwabController: function transferaddress from, address to, uint256 shares...

Attacker can force users to delegate to SPONSORSHIP_ADDRESS

Lines of code Vulnerability details Impact An attacker can change the delegatee of a user who deposited into the vault to the SPONSORSHIPADDRESS address by calling one of the functions sponsor or sponsorWithPermit and giving the address of the user as receiver. The impact of this issue is that th...

Proposal can executed even when it is in the "Queued" state.

Lines of code Vulnerability details Impact An attacker can bypass the intended governance process and directly execute proposals that are still in the voting or canceled state. This can result in unauthorized actions being performed on the smart contract, leading to loss of funds Proof of Concept...

Malicious whale of forked DAO can prevent smaller token holders from creating proposals

Lines of code Vulnerability details The proposal threshold on a forked DAO can be set all the way up to 1,000 basis points. If this were the case, only whales would be able to make proposals on the forked DAO. Impact The likelihood of this is low, because in order to set the proposalThresholdBps ...

[M-05] NounsDAOV3DynamicQuorum.quorumVotes(): Wrong totalSupply parameter used to calculated dynamic votes thresholds

Lines of code Vulnerability details Impact and Details It is stated in NounsDAOV3Fork.adjustedTotalSupply that the total supply of nouns exclude those in treasury and escrow contract. In NounsDAOV3Proposals.isDefeated, the dynamic threshold is calculated based on adjustedTotalSupply at the time o...

Same proposer can make duplicate proposals

Lines of code Vulnerability details Impact A proposer can continuously create new proposals, even if they are redundant or unnecessary. This can overload the system and make it difficult for other participants to navigate through legitimate proposals. Proof of Concept In the propose function, the...

ABI encodePacked Collision

Lines of code Vulnerability details Impact Collision occurs Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Tools Used Recommended Mitigation Steps Do not use more than one dynamic type in...

msg-value-loop

Lines of code Vulnerability details Impact The use of msg.value in a loop in different places in the contract can introduce potential risks. The contract accepts Ether as part of its execution and relay calls. If the contract's logic does not handle or validate the msg.value appropriately, it can...

The existence of Pump may hinder large swaps or swaps from a low liquidity pool

Lines of code Vulnerability details Impact Large swaps or swaps with low liquidity value may not work properly. Proof of Concept According to the whitepaper, the purpose of the pump is to be a multi-block MEV manipulation resistant to large changes in liquidity value. Since the Well can be create...

A malicious user can steal a reserved token by using shift() function of Well.sol if the well was added liquidity unsafely with zero amount of the one of tokens.

Lines of code Vulnerability details Impact A malicious user can steal a reserved token by using shift function of Well.sol if the well was added liquidity unsafely with zero amount of the one of tokens. Proof of Concept Let's assume the well with WETH and USDC tokens. Currently totalSupply is zer...

No fee swap is possible through addLiquidity and removeLiquidityImbalanced

Lines of code Vulnerability details impact Some will not pay swap fees even after the swap fee is added. proof of concept This is equivalent to swap 1000 tokenA to 500 tokenB, but no fee calculation code lies in adding and removing liquidity. Add this test in Well.AddLiquidity.t.sol. function...

Well.sol::skim() anyone can transfer excess funds to their account.

Lines of code Vulnerability details Description The skim is designed to transfer excess tokens held by the contract to a specified recipient. However, it lacks proper access control checks, allowing any user to initiate the transfer of excess tokens, regardless of ownership. This presents a...

Interest is not accrued before parameters are updated in SavingsVest

Lines of code Vulnerability details Impact Stablecoin holders can receive wrongly calculated yield in the SavingsVest contract. Also, wrong vesting profit can be slashed when the protocol is under-collateralized. Proof of Concept The SavingsVest contract lets users deposit their stablecoins and...

LSP6KeyManagerCore reentrancy vulnerability

Lines of code Vulnerability details Impact Both LSP6KeyManager and LSP6KeyManagerInit inherit from LSP6KeyManagerCore. Consider our previous 3 contracts as A, B and C. We write a contract D, call the A.execute method, and let it execute D.execute. When executing D.execute, we can also execute...

MALICIOUS USER CAN CALL THE FlywheelBribeRewards.setRewardsDepot() FUNCTION INDEFINITELY TO PUSH ethereum INTO STATE BLOAT

Lines of code Vulnerability details Impact The FlywheelBribeRewards.setRewardsDepot function is an external permissionless function. Any malicious user can create as many ERC20 compatible contracts as possible and can call this function to set themselves as strategies in the...

RootBridgeAgent.redeemSettlement can be front-run using RootBridgeAgent.retrySettlement causing redeem DoS

Lines of code Vulnerability details Impact Since RootBridgeAgent.retrySettlement... can be called by anyone for any settlement, a malicious actor can front-run an user trying to redeem his failed settlement via RootBridgeAgent.redeemSettlement... by calling RootBridgeAgent.retrySettlement... with...

The code uses arithmetic operations without explicitly checking for possible overflows or underflows

Lines of code Vulnerability details Impact The impact of the Integer Overflow/Underflow vulnerability can be summarized as follows: Data Inaccuracy: The vulnerability can lead to incorrect calculations and inaccurate data, potentially compromising the integrity of voting processes and other...

Contracts are vulnerable to rebasing accounting-related issues

Lines of code Vulnerability details Impact Rebasing tokens are tokens that have each holder's balanceof increase over time. Aave aTokens are an example of such tokens. If rebasing tokens are used, rewards accrue to the contract holding the tokens, and cannot be withdrawn by the original depositor...

Wrong proposalThreshold amount in LybraGovernance.sol

Lines of code Vulnerability details Impact The proposal can be created with only 100000 esLBR delegated instead of 10000000. Proof of Concept According to LybraV2Docs, a proposal can only be created if the sender has at least 10 million esLBR tokens delegated to his address to meet the proposal...

_voteSucceeded check is invalid

Lines of code Vulnerability details Impact //@audit-issue wrong check vote succeeded is when 0 1 function voteSucceededuint256 proposalId internal view override returns bool return proposalDataproposalId.supportVotes1 proposalDataproposalId.supportVotes0; voteSucceeded is a function that checks i...

The calculateWithExactInput uses the same state's values for all transactions in the block

Lines of code Vulnerability details Impact The calculateWithExactInput uses the same state's values for all transactions. So all checks which should regulate swapped amounts will be broken. It can be a case of asset loss if there will be a significant amount of transactions in one block. Proof of...

GetStandardDenom at CreatePool might panic on unchecked nil

Lines of code Vulnerability details Impact A panic might occur when calling CreatePool and stop the app Proof of Concept here we can see CreatePool is creating new struct pool which call k,GetStandardDenom as value for StandardDenom key. now lets check GetStandardDenom body: func k Keeper...

The validation of the source channel is performed incorrectly

Lines of code Vulnerability details Impact There is a potential risk of unauthorized sources sending assets to the Canto Network and automatically swapping transferred tokens for Canto tokens. Proof of Concept When bootstrapping Canto Network, node operators config channel ID for the onboarding...

Doesn’t have proper slippage control.

Lines of code Vulnerability details Impact For risk management purposes, a swap will fail if the input coin amount exceeds a predefined limit. But it is not a slippage control. It doesn’t consider how many Canto a user wants to swap for. It is possible that the user will swap the token at a very...

Lack of deadline parameter when executing swaps

Lines of code Vulnerability details Impact Deadline is not checked. The transaction may stay unexecuted for a long time, resulting in unfavourable trade when the transaction is finally executed. Proof of Concept The function OnRecvPacket is used to help users outside of Canto onboard seamlessly...

StRSR.withdraw can be blocked

Lines of code Vulnerability details Impact StRSR.withdraw can be blocked for user by changing basket's asset to IFFY status. User will not be able to withdraw and his funds can be seized later. Proof of Concept StRSR.withdraw function allows user to withdraw only, when basketHandler.isReady. And...

Inadequate error handling

Lines of code Vulnerability details Summary This report highlights a high vulnerability related to inadequate error handling in the code under review. Vulnerability Details The code lacks proper error handling in certain functions. Specifically, when errors occur, such as in the swapCoins functio...

M-07 Unmitigated

Lines of code Vulnerability details Mitigation of M-07: Issue NOT mitigated Mitigated issue M-07: Incorrect slippage check in the AMO2.rebalanceUp can be attacked by MEV Fix: code-423n4/2023-05-xeth@630114e The issue is that since the pool is rebalanced around an imbalanced ratio with 68%-75% xET...

M-07 Unmitigated

Lines of code Vulnerability details Comments The very first point that needs to be made, is that, according to the Mitigation Review details: In production we have planned to use MEV Protection services such as flashbots rpc The MEV Protection rpc ensure the rebalance and defender won't be affect...

RToken.redeem should claim rewards before sending tokens to user

Lines of code Vulnerability details Impact RToken.redeem should claim rewards before sending tokens to user. Because after that he will not receive them anymore. Proof of Concept When user mints RToken, then he sends some tokens as collateral and they are stored by BackingManager. Some of...

FurnaceP1.setRatio will work incorrect after call when frozen

Lines of code Vulnerability details Impact FurnaceP1.setRatio will not update lastPayout when called in frozen state, which means that after component will be unfrozen, melting will be incorrect. Proof of Concept melt function should burn some amount of tokens from lastPayoutBal. It depends of...

M-05 Unmitigated

Lines of code Vulnerability details The mitigation makes accrueDrip is disable until the totalSupply 0. But the lastReport blocknumber is not updated. So all the dripped rewards still are collected by the first staker when the drip modifier is called at the second time. Impact If wxETH drips when...

M-05 Unmitigated

Lines of code code-423n4/2023-05-xeth@aebc324L230 Vulnerability details If wxETH drips when nothing is staked, then the first staker can claim every drop. Mitigation code-423n4/2023-05-xeth@aebc324 This PR is added in the method accrueDrip to return if totalSupply == 0 to avoid dropping at 0. But...

An attacker can steal funds from an Llama account by re-logging in.

Lines of code Vulnerability details Impact Funds are passed to LlamaAccount.execute and LlamaExecutor.execute using success, result = target.callvalue: msg.valuecallData However, there is no remedy for reentrancy. The target contract can steal funds from LlamaAccount when executed. Proof of Conce...

expirationPeriod in the strategy contracts is not checked when calling LlamaCore.execute

Lines of code Vulnerability details Impact If executionPeriod is set to an extremely short time or even 0, then all actions can never be executed. Proof of Concept There are 7 states in an Action flow: Active, Canceled, Failed, Approved, Queued, Expired, Executed. Generally, the sequence goes lik...

ERC721 tokens can be forever locked when transferring

Lines of code Vulnerability details Impact An action that transfers ERC721 tokens from the account contract to another contract could result in the ERC721 tokens being locked forever if the receiving contract doesn't support receiving ERC721 tokens. Proof of Concept The LlamaAccount contract uses...

Role might be granted and revoked at the same block to manipulate the role supply and result in incorrect behavior of relative strategy

Lines of code Vulnerability details Impact There is a potential issue where a role can be granted, votes can be cast, and then the role can be revoked in the same block. This can lead to incorrect behavior of relative strategy in manipulating the vote supply. The problem arises because the role...

Unsafe delegatecall functionality can break core protocol functionality

Lines of code Vulnerability details Impact There are multiple contracts which include delegatecall functionality, including the execute function of the LlamaAccount contract and the execute function of the LlamaExecutor contract. The issue is that there's no controls, other than the standard role...

[ H ] No Validation checks for "v" signature in castApprovalBySig

Lines of code Vulnerability details Impact V must correspond according to ECDSA principles values of either 27 or 28. Not checking this will result in an attacker crafting a malicious v value and bypassing any checks, withdrawing funds or accessing the function maliciously. Proof of Concept Craft...

malicious policyholder can forbid setRoleHolder/revokeExpiredRole/revokePolicy calls

Lines of code Vulnerability details Impact All policyholders can't trigger functions related to setRoleHolder, such as setRoleHolder/revokeExpiredRole/revokePolicy. So malicious hackers can achieve DoS or use expired roles for a long unexpected time. Proof of Concept In...

Missing Role Validation in LlamaAbsoluteStrategyBase.sol

Lines of code Vulnerability details Bug Description: The LlamaAbsoluteStrategyBase contract serves as a base contract for Llama strategies and implements various functions for action creation, approval, disapproval, and cancellation. However, it fails to validate the roles used in some critical...

LlamaAccount.llamaExecutor may be changed for a malicious purpose and be return to the initial state.

Lines of code Vulnerability details Impact If the delegatecall changes llamaExecutor to an malicious contract, then onlyLlama modifier cannot protect the contract. After the exploit, it can return the llamaExecutor as before. Proof of Concept Update test/mock/MockExtension.sol as below. //...

The initial total supply of the role can be miscalculated in some cases

Lines of code Vulnerability details Impact Due to miscalculations during LlamaPolicy contract deployment the initial supply of the role can be set wrongly. And most of strategies will not work as intended. Moreover users will not be able to start an Action for some strategies as well. Proof of...

sell reward rTokens at low price because of skiping furnace.melt

Lines of code Vulnerability details Impact The reward rToken sent to RevenueTrader will be sold at a low price. RSR stakers will lose some of their profits. Proof of Concept RevenueTraderP1.manageToken function is used to launch auctions for any erc20 tokens sent to it. For the RevenueTrader of t...

Legacy version check should be removed to avoid double relaying message in CrossDomainMessager.sol

Lines of code Vulnerability details Impact Legacy version check should be removed to avoid double relaying message Proof of Concept In Optimism bedrock implementation, to handle the pre-bedrock migration, there is code check to make sure the transaction that finalized and relayed in pre-bedrock...

cancelUnstake lack payoutRewards before mint shares

Lines of code Vulnerability details cancelUnstake will cancel the withdrawal request in the queue can mint shares as the current stakeRate. But it doesn't payoutRewards before mintStakes. Therefor it will mint stRsr as a lower rate, which means it will get more rsr. Impact Withdrawers in the...

Potential Integer Overflow/Underflow

Lines of code Vulnerability details Impact The functions insertSDPrice and getMedianValue manipulate arrays of uint256 values without explicitly checking for integer overflow or underflow. If the array lengths or calculations exceed the maximum or minimum values of uint256, it can result in...