Measuring the withdrawal delay in block production time won't work properly on chains where the production time is not 12 seconds
Lines of code Vulnerability details Proof of Concept For withdrawals other than beaconChainETH, the variables withdrawalDelayBlocks and MAXWITHDRAWALDELAYBLOCKS will be used to enforce a delay for withdrawals in StrategyManager.sol. Currently MAXWITHDRAWALDELAYBLOCKS is set to 50400. uint256 publ...
Staker can avoid ETH slash by front run slashQueuedWithdrawal() with completeQueuedWithdrawal()
Lines of code Vulnerability details Impact Malicious staker can avoid the service's slash on its restaked ETH shares. Proof of Concept This issue is similar to Staker can avoid ETH slash by front run slashShares with verifyOvercommittedStake, but with a different logic. When a service/middleware...
Slashing can be frontrunned
Lines of code Vulnerability details Proof of Concept When attempting to withdraw funds, the user calls queueWithdrawal first. queueWithdrawal checks that the caller is not frozen, then marks the withdrawal as pending. function queueWithdrawal uint256 calldata strategyIndexes, IStrategy calldata...
Upgraded Q -> 3 from #407 [1683102761347]
Judge has assessed an item in Issue 407 as 3 risk. The relevant finding follows: L01 Unsafe downcasting On PrivatePool.solL230-L231 there are two unsafe downcasting from uint256 to uint128; virtualBaseTokenReserves += uint128netInputAmount - feeAmount - protocolFeeAmount; virtualNftReserves -=...
Testing Issue Type
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Tools Used Recommended Mitigation Steps testing...
Upgraded Q -> 2 from #882 [1683052832814]
Judge has assessed an item in Issue 882 as 2 risk. The relevant finding follows: In changeFeeQuote if changeFee == 0 protocolFeeAmount becomes 0
Offchain resolver can be subject to man in the middle attacks
Lines of code Vulnerability details Description Calls to the offchain resolver are produced by the code below: function resolve bytes calldata name, bytes calldata data external view returns bytes memory string memory urls = new string; urls0 = gatewayURL; revert OffchainLookup addressthis, urls,...
SHA-1 chosen prefix collision
Lines of code Vulnerability details Impact An attacker can claim DNS names signed with SHA-1 algorithms 5 and 7 which he does not own. Proof of Concept SHA-1 has been broken for chosen prefix collision. This means that an attacker can have his parent domain, if it signs with SHA-1, sign an RRset...
Upgraded Q -> 2 from #463 [1682585731493]
Judge has assessed an item in Issue 463 as 2 risk. The relevant finding follows: L-08 Swapping in Reth.sol may be sub-optimal The Reth pool uses the Weth/Reth 0.05% fee pool to swap between weth and reth. I recommend using the balancer pool to swap instead as it has 80M liquidity compared to...
Upgraded Q -> 2 from #883 [1682591284215]
Judge has assessed an item in Issue 883 as 2 risk. The relevant finding follows: This could cause stake and unstake to permanently revert for a prolonged period of time, as it is possible for deposit and withdraw to revert due to unchecked external conditions: Reth The rocket pool DAO can disabl...
From integer Overflow to DoS attack that leads to financial losses in ModexpPrecompile.modexp function and RSAVerify library.
Lines of code Vulnerability details Impact This vulnerability to cause unexpected behavior or even a denial-of-service attack on a contract that uses the RSAVerify library on . The vulnerable code is at: Integer overflow in modexp function in ModexpPrecompile does not perform any input validation...
Timestamp manipulation affects DNSSEC records on contracts/dnssec-oracle/DNSSECImpl.sol
Lines of code Vulnerability details Impact timestamp parameter to validate DNSSEC records. The timestamp parameter is passed as an argument to the verifyRRSIG function, which is responsible for verifying that the DNSSEC record is valid at a specific point in time. If the timestamp parameter can b...
Test manage-findings update with new cors
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Tools Used Recommended Mitigation Steps
Test for emails sent from api - and manage findings
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Tools Used Recommended Mitigation Steps
Use of revert Statement in requireOwner Function in Ownable Contract May Cause Unexpected Behavior
Lines of code Vulnerability details Summary: There is a potential issue with the error handling in the requireOwner function that may lead to unexpected behavior. Description: The Ownable contract provides basic access control by defining an owner address that can be granted exclusiv...
Minter and position privileges allow unrestricted minting and burning of arbitrary tokens
Lines of code Vulnerability details Any registered minter and a position belonging to him have absolute control of minting and burning tokens on all accounts. Impact New minting mechanisms are subject to governance approval i.e. can be veto’ed. These, however, will be arbitrary contracts with...
Position ownership could be transferred to zero address
Lines of code Vulnerability details Impact Ownership of a Position could be transferred to zero address. This is usually caused by mistake but the consequence is loss of collateral. Proof of Concept The position owner calls transferOwnership but accidentally set newOwner address to 0x0. Tools Use...
POSITION LIMIT COULD BE FULLY REDUCED TO ZERO BY CLONES
Lines of code Vulnerability details Impact A newly opened position could have its limit fully reduced to zero as soon as the cooldown period has elapsed. Proof of Concept As seen in the function below, a newly opened position with 0 Frankencoin minted could have its limit turn 0 if the function...
Allowance not updated correctly
Lines of code Vulnerability details Impact allowance doesn't get updated properly therefore an attacker contract can exploit the token contract by transferring some tokens and still spend the same amount of allowance. Here are the steps: calling approve function from ERC20.sol with the spender...
Let Me Suggest For You
Lines of code Vulnerability details Impact Scope of vulnerability - This vulnerability allows any user, including users that do not own any share tokens, to effectively cast a veto on a minter suggestion. The only requirement to execute the vulnerability is to have the minimum fee in the account. In...
Incorrect calculation of virtualBaseTokenReserves leads to incorrect pricing of NFTs
Lines of code Vulnerability details virtualBaseTokenReserves is recalculated every time a buy or sell operation is performed. The calculation is done incorrectly, so the next time a sale is made the price will be updated incorrectly. Impact buy and sell operations will be performed with incorrect...
CollectionBatchBuyOperator.sol: tokenIds array is not shortened properly which makes execute function revert when not all NFTs are purchased successfully
Lines of code Vulnerability details Impact The CollectionBatchBuyOperator contract allows parties to buy NFTs through proposals. The proposal specifies an nftContract and token IDs via the nftTokenIdsMerkleRoot parameter that can be bought. Allowed executors can then execute the actual purchase b...
Attacker can take a loan offer without providing the NFT from requested collection by using function borrowerRefinance()
Lines of code Vulnerability details Impact Function borrowerRefinance allows the borrower to repay the previous loan and take a different loan offer. In the codebase, there is no check to ensure that collateral collection of previous loan and new loan offer are the same. It can be abused by an...
MuteAmplifier.sol: rescueTokens function does not prevent fee tokens from being transferred
Lines of code Vulnerability details Impact The MuteAmplifier.rescueTokens function allows the owner to withdraw tokens that are not meant to be in this contract. The contract does protect tokens that ARE meant to be in the contract by not allowing them to be transferred: Link function...
An attacker can lower the price of another depositor() by frontrunning
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. The deposit function will bump bond price back by 5% after purchase based on current delta. However, this function can be executed unlimited number of times in the same block and as a result, one can...
An attacker can manipulate the preDepositvePrice to steal from other users.
Lines of code Vulnerability details Impact The first user that stakes can manipulate the total supply of sfTokens and by doing so create a rounding error for each subsequent user. In the worst case, an attacker can steal all the funds of the next user. Proof of Concept When the first user enters...
Spot UniswapV3 pricing for rETH when staking in SafEth can lead to loss of user funds
Lines of code Vulnerability details Impact An attacker can craft a set of transactions so that when they are depositing funds in the SafEth contract, using the stake function, they can understate the value of existing deposits preDepositPrice value, while overstating the value of their deposit...
REth token price can be manipulated
Lines of code Vulnerability details Impact Currently, all deposit operations split the received ETH between derivatives. One of them is rETH, trading on Pool 0xa4e0faA58465A2D369aa21B3e42d43374c6F9613 with around 1500 ETH in liquidity for each side. The price calculation for splitting deposits in...
Reth griefing
Lines of code Vulnerability details Impact The maximum slippage when buying rETH from the Uniswap V3 pool is calculated in Reth derivative contract by taking the current price in the Uniswap V3 pool at runtime, without taking into account the price at which the user sent the transaction to the...
Incorrect parameter in withdraw function
Lines of code Vulnerability details Impact An incorrect parameter is used in the withdraw function in SfrxEth.sol. The amount variable is used when the frxEthBalance variable should be used to calculate minOut. The amount that gets swapped at the FRXETHCRVPOOLADDRESS is the frxEthBalance, not the...
User should be able to set the slippage amount willing to pay
Lines of code Vulnerability details Impact The impact of this finding is that users may be required to pay higher transaction fees than necessary due to the absence of an adjustable slippage feature. This could discourage users from using the SafEth contract and negatively impact its adoption...
First stake inflation attack
Lines of code Vulnerability details Impact The first staker can steal the next staked funds. Proof of Concept As the first one to stake, the attacker stakes minAmount ETH, for which minAmount or slightly less due to slippage SafEth tokens are minted. The attacker immediately unstakes the entire...
Upgraded Q -> 2 from #88 [1679874664641]
Judge has assessed an item in Issue 88 as 2 risk. The relevant finding follows: L-6 Spamming deposit and withdraw queues
Upgraded Q -> 2 from #83 [1679850012658]
Judge has assessed an item in Issue 83 as 2 risk. The relevant finding follows: L-02 There is no way to disapprove a collateral
LiquidityPool.executePerpOrders(): dangerous payable function
Lines of code Vulnerability details Impact The contract LiquidityPool uses a dangerous payable function executePerpOrders. In this function, users can send ETH mistakenly. We should check whether msg.value is 0 or not to avoid this issue. Proof of Concept function executePerpOrdersbytes calldata...
JSON context breaking in Bio.tokenURI
Lines of code Vulnerability details Impact Bio.tokenURI function returns an encoded JSON which is supposed to be parsed by a browser or another tool. The field description contains unsanitized user input and can be fully controlled by a hacker when they create an NFT via Bio.mintstring calldata...
Lack of token approval reverts the overall trade
Lines of code Vulnerability details Impact Since the user has not approved the params.collateralAmount, calling the safeTransferFrom function will result in a revert due to the lack of token approval. The Exchange contract does not receive any collateralAmount. Proof of Concept...
usedFunds is wrong after Liquidity.closeLong, openShort and closeShort
Lines of code Vulnerability details Impact usedFunds is wrong in LiquidityPool, and usedFunds tracks spent quote tokens. usedFunds is an important state in LiquidityPool, so the impact will be high. Proof of Concept Liquidity.closeLong and openShort don't update the state usedFunds correctly. In...
Users can lose funds due to stuck NFT's
Lines of code Vulnerability details Impact If msg.sender is a contract could also be smart contract wallet that does not implement the onERC721Received method, in the current implementation of fuse Namespace.sol && mint Bio.sol, the tx will still be successful, and the token will be minted. In th...
Centralization privileges could cause revenue loss or DDoS
Lines of code Vulnerability details Impact DISCLAIMER: I understand that this was under known issues M-1, and I'm submitting this on another angle which is in case owner is compromised. Namespace and Tray contract allow the owner to execute some privilege actions which give flexibility but at the...
Loss of funds when msg.value > 2**128
Lines of code Vulnerability details Impact When a user tries to transfer an amount of ether > 2**128 an invariant is broken where instead of reverting the transaction the affected code just returns. Proof of Concept The following is the affected code where it returns instead of reverting. if value != 0...
ProfilePictureData is not stored, which will cause serious logic errors
Lines of code Vulnerability details Impact All data minted by the contract will not be stored, paralyzing the entire contract Proof of Concept code snippet: function mintaddress nftContract, uint256 nftID external uint256 tokenId = ++numMinted; if ERC721nftContract.ownerOfnftID != msg.sender reve...
DefaultAccount will add system call flag to any call with msg.value
Lines of code Vulnerability details Impact As mentioned in the repo's README.md documentation: isSystem flag. Whether the call intends a system contracts' function. While most of the system contracts' functions are relatively harmless, accessing some with calldata only may break the invariants of...
L2EthToken.sol balance[address(this)] COULD UNDERFLOW
Lines of code Vulnerability details Impact The ethereum balance of the L2EthToken.sol contract can underflow thus breaking the accounting of the protocol for L2-L1 fund transfers. Proof of Concept L2EthToken.sol contract has the withdraw function to transfer funds to L1 for withdrawal. In the...
User transactions can call system contracts directly
Lines of code Vulnerability details Impact User transaction can call system contracts directly, which shouldn't be allowed to not invoke potentially dangerous operations. Proof of Concept The DefaultAccount.executeTransaction executes a user transaction after it was validated. The function calls...
Operator can cause funds to be stolen by manipulating gas fee refund
Lines of code Vulnerability details Impact An operator can manipulate the refund of gas fee mechanism to steal from the bootloader balance. Inside refundCurrentL2Transaction function in the bootloader where the refund is happening for the refund recipient at L1097, the operator provides a value f...
_l1Receiver may lose the token amount
Lines of code Vulnerability details Impact l1Receiver lose the token amount Proof of Concept function withdrawaddress l1Receiver external payable override uint256 amount = msg.value; // Silent burning of the ether unchecked balanceaddressthis -= amount; totalSupply -= amount; // Send the L2 log, ...
Incorrect validation of the result of the transfer * transferFrom method call. Failure to comply with the ERC20 standard
Lines of code Vulnerability details Impact Inability to use ERC20 standard tokens. As an example of the future LP token Proof of Concept According to the ERC-20 standard, the transfer and transferFrom methods return true or false, but looking at the code we see that:...
BYTES2.getReward: no check for input
Lines of code Vulnerability details Impact the function getReward should validate that to is not an empty address 0x0 to prevent accidental loss of BYTES. Impact: mint reward BYTES to address0 will be lost Proof of Concept function getReward address to external uint256 reward, uint256 daoCommisio...
User can claim high rewards than he eligible
Lines of code Vulnerability details Impact User will receive rewards more than he should receive calculation of rewards for user can be continued even after withdraw Proof of Concept when a user claim rewards, the lastRewardTime will be set to block.timestamp , now consider a scenario that user...