Attacker can make group pay for tokenID that is not intended.

Lines of code Vulnerability details Description purchase in GroupBuy.sol executes the purchase call for the group. There are two possibilities for which tokenIDs can be bought in GroupBuy: 1. If the group is for a specific NFT, the tokenID is the value in pool.merkleRoot variable. 2. If the group...

Wrong address input in BondNFT.createLock results in wrong _owner being saved in memory

Lines of code Vulnerability details Impact Wrong address input in createLock results in function failure of extendLock and claim. Proof of Concept When someone calls lock in Lock.sol, the function BondNFT.createLock is called . bondNFT.createLock asset, amount, period, msg.sender;...

Might lose manager forever

Lines of code Vulnerability details Impact If project sets new manager with a typo, might lose manager forever Proof of Concept function setManager address manager public onlyOwner manager = manager; https://twitter.com/realgmhacker/status/1603362870699429889?s=20&t=vm4wY1ITefLhCW8BDa0oig...

Wrong calculation of MONTH_IN_SECONDS

Lines of code Vulnerability details Wrong calculation of MONTHINSECONDS : line 33 on VRFNFTRandomDraw.sol is calculating 30 weeks of 7 days instead of 30 days. 30 weeks of 7 days = 3600 24 7 30. 30 days = 3600 24 30. so and wont work properly --- The text was updated successfully, but these error...

Chainlink price feed is not sufficiently validated and can return stale price

Lines of code Vulnerability details Impact As mentioned by , "Prices provided by the oracle network are also compared to Chainlink's public price feeds for additional security. If prices have more than a 2% difference the transaction is reverted." The Chainlink price verification logic in the...

Functions of Trading contract can be reentered by Position.sol#mint

Lines of code Vulnerability details Impact Both the contracts of Position and Trading may not work correctly. Proof of Concept The Position.solmint calls safeMint will trigger a checkOnERC721Received callback, which can be used to reenter. Crackers can use this vulnerability to attack the protoco...

Draw admin/owner can rug the winner after recoverTimelock expires.

Lines of code Vulnerability details Impact The admin/owner of VRFNFTRandomDraw can wait for recoverTimelock to expire before making the draw. This way he can use lastResortTimelockOwnerClaimNFT to take back the reward NFT from the contract without any time to allow for the winner to claim. He cou...

Pending owner can front-run current owner when current owner wants to cancel the ownership transfer.

Lines of code Vulnerability details Impact OwnableUpgradable contract has been modified to transfer ownership in a two-step ownership transfer way. This introduces an issue of front-run when admin adds a pendingOwner but later on decides to cancel the ownership transfer. Pending owner can become...

Extending period in Lock contract will block user funds

Lines of code Vulnerability details Impact Extending lock will block users' funds. Contract: Lock.sol Proof of Concept Locking tokens with function lock... will update mapping mapping totalLocked for given asset with value of amount, here: totalLockedasset += amount. However, when extending lock...

Malicious drawingToken can make bad actor claim the raffle NFT

Lines of code Vulnerability details Description Malicious drawingToken address passed into factory.makeNewDraw can claim the raffle NFT. It can be exploited via a social engineering attack or another scenario is that a malicious owner can pretend to make a raffle with a malicious drawingToken and...

Pool.sol : Lack of slippage protection for swap

Lines of code Vulnerability details Impact Due to lack of slippage protection, user may suffer and incur loss of func in adverse condition. Proof of Concept Swap function is used to swap one toke for another token. While the swap function has check to ensure for exactOutput, but it does not have...

Storage collision in Collateral.sol

Lines of code Vulnerability details Vulnerability details collateral.sol is an upgradeable contract. Upgradeable contracts should not use the constructor to initialize variables, as these will be set in the contract storage of the implementation contract, instead of the intended contract storage ...

MintHook doesn't allow users with NFT score requirement to mint

Lines of code Vulnerability details Impact The depositHook contract checks that users are allowed to deposit either if they are on the allow list or if they have the required NFT score: if !accountList.isIncludedsender requiresatisfiesScoreRequirementsender, "depositor not allowed"; However, once...

PrePOMarket.sol : a sender who is not included in the account list can front run and mint prior to setting the _mintHook

Lines of code Vulnerability details Impact a sender who is not included in the account list can front run and mint prior to setting the mintHook. Proof of Concept The contract says, Minting will only be done by the team, and thus relies on the mintHook to enforce access controls. This is also why...

Value can be extracted from LPs

Lines of code Vulnerability details Impact Maverick allow liquidity to be moved based on TWAP to increase capital efficiency. However, the increased capital efficiency is not free. Consider a "right" move, the LP sell at lower price and move their liquidity to higher price, thus buying at higher...

saleReceiver and feeReceiver can steal refunds after sale has ended

Lines of code Vulnerability details First, lets go over how a buy happens. A buyer can buy NFTs at a higher price and then once the auction ends they can use refund to return the over payments. The effect is that they bought the NFTs at the lowest price Lowest Price Dutch Auction. Now, let's move...

User can pass auction recovery health check easily with flashloan

Lines of code Vulnerability details Description ParaSpace features an auction mechanism to liquidate user's NFT holdings and receive fair value. User has the option, before liquidation actually happens but after auction started, to top up their account to above recovery factor 1.5 instead of 1 an...

MarketplaceLogic.sol doesn't support ERC20 Tokens with fee on transfer

Lines of code Vulnerability details MarketplaceLogic.sol doesn't support ERC20 Tokens with fee on transfer Summary There are ERC20 tokens with transfer at fees. For checking if the transferred amount is the same as expected, code already compares balanceOf before and balanceOf after transfer...

NFTFloorOracle's asset and feeder structures can be corrupted

Lines of code Vulnerability details NFTFloorOracle's addAsset and addFeeder truncate the assets and feeders arrays indices to 255, both using uint8 index field in the corresponding structures and performing uint8assets.length - 1 truncation on the new element addition. 2^8 - 1 looks to be too tig...

Loss of ETH for NFT buyers in LPDA contract

Lines of code Vulnerability details Impact The buy function of LPDA sale contract can be invoked with 0 as the input value and 0 ETH as the sent valuemsg.value = 0. The buy function automatically ends the sale when newId == sale.finalId and distributes ETH to feeReceiver and saleReceiver. Since t...

The Ether for an LPDA mint sale can be locked in the LPDA contract indefinitely

Lines of code Vulnerability details Impact After a mint sale using LPDA, all the Ether can be locked in the LPDA contract indefinitely. Proof of Concept In the src/minters/ contracts, the .transfer function is used for sending Ether. It is used for sending fees to the feeReceiver, and in the...

Asset removal leaks previous asset prices which will be used again when asset is re-added.

Lines of code Vulnerability details Description NFTFloorOracle retrieves ERC721 prices for ParaSpace. Recordings of prices are managed in assetFeederMap, mapping between address and FeederRegistrar: struct FeederRegistrar // if asset registered or not bool registered; // index in asset list uint8...

Relayer/executor-already-set Error in CrossChainRelayerArbitrum Contract

Lines of code Vulnerability details Summary The setExecutor function in the CrossChainRelayerArbitrum contract improperly reverts when the executor variable has already been set. Impact This bug could prevent the CrossChainRelayerArbitrum contract from properly setting the executor variable,...

CrossChainExecutorPolygon does not implement the executeCalls function

Lines of code Vulnerability details Impact The CrossChainExecutor contracts in the codebase are meant to follow the CrossChainExecutor interface as defined in EIP-5164. Each L2 network specific CrossChainExecutor contract is also expected to inherit and follow the ICrossChainExecutor interface...

Fail to verify the result of a low level function call

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. It fails to check properly if the call is successful because: 1 It does not check the return data; 2 it does not check if the target address is a valid contract. A contract that has no code will still...

[ZZ-004] During the deprecation period where both .eth registrar controllers are active, a crafted hack can be launched and cause the same malicious consequences of [ZZ-001] even if [ZZ-001] is properly fixed

Severity: High Status: Has not been reported Description, Specifically, according to the documentation, there will be a deprecation period that two types of .eth registrar controllers are active. Names can be registered as normal using the current .eth registrar controller. However, the new .eth...

tokenID that is not minted will be stored into the feeRecipient storage

Lines of code Vulnerability details Impact In the original code, tokenID is incremented just after mint function is executed. Afterwards, tokenID is stored into the feeRecipient storage. As a result, tokenID that is not minted will be stored into the feeRecipient storage. Proof of Concept In the...

PirexERC4626 and PirexGmx doesn't support erc20 tokens with fee on transfer

Lines of code Vulnerability details PirexERC4626 and PirexGmx doesn't support erc20 tokens with fee on transfer Vulnerability details There are ERC20 tokens that charge fee for every transfer / transferFrom. Different functions assumes assumes that the received amount is the same as the transfer...

isContract might return false for the contracts

Lines of code Vulnerability details Impact The Turnstile contract's register function assumes the msg.sender is a smart contract. The validation of this is carried out in eventhandler.go's ValidateContract function. ValidateContract checks whether the address has an emptyCodeHash which is zero...

Steal deposit fund in ERC4626 vault by exchange rate manipulation

Lines of code Vulnerability details Impact Although the PirexERC4626 and AutoPxGlp contract check for 0 shares, the rounding down error can still be used to steal new user deposit. Part of the new deposit could be stolen. The attacker may monitor the pool activities to catch the steal...

Register and assign functions need more validation due to phishing vectors.

Lines of code Vulnerability details Impact The Turnstile contract is open for phishing. Since the interaction between the contracts is in atomic construction and the calls can't be controlled at low levels, it might open ways to phishing the contracts. Let's assume that there is a contract that i...

User can continuosly accrue rewards they are not due

Lines of code Vulnerability details Impact It is possible that block.timestamp can be manipulted by a user, thus allowing a malicious user to continuously acrue rewards they are not due, as long as the value is not 0 then rewards will be accrued function userAccrueERC20 producerToken, address use...

Possible lost msg.value in function distributeFees

Lines of code Vulnerability details Author: rotcivegaf Impact The function distributeFees don't checks if the tokenId exists and if the owner send value to the an non-exists tokenId, this one will stuck in the contract until the tokenId will minted, and take by the owner of the minted token that...

Funds are locked if can’t transfer reward to recipient in withdraw

Lines of code Vulnerability details Impact When recipient not able to received reward when call withdraw, as natspec: If contract is using proxy pattern, it's possible to register retroactively, however past fees will be lost. We not handle that case to get locked funds back. We should add...

Any address can assign itself with any existing NFT.

Lines of code Vulnerability details Impact The assign function of Turnstile contract does not validate whether the caller should be allowed to invoke this function. Any address can invoke this function with any pre-existing tokenId value as the input and the function will get executed successfull...

Med: withdrawDETH is not functional for array lengths greater than one.

Lines of code Vulnerability details Description The withdrawDETH function is used in GiantSavETHVaultPool to burn user's LP tokens and grant them dETH. It loops over all input vaults and all input LPTokens, and for each one calls lpTokenETH.burnmsg.sender, amount; Before that, it uses...

Staking Funds vault's LP holder cannot claim EIP1559 rewards after derivatives are minted for a new BLS public key that is not the first BLS public key registered for syndicate

Lines of code Vulnerability details Impact After the derivatives are minted for the first BLS public key registered for the syndicate, the Staking Funds vault's LP holder can claim the corresponding EIP1559 rewards received by the syndicate. However, after the derivatives are minted for a new BLS...

Medium: Giant pools are prone to user griefing, preventing their holdings from being staked.

Lines of code Vulnerability details Description batchRotateLPTokens in GiantMevAndFeesPool allows any user to rotate LP tokens of stakingFundsVaults around. function batchRotateLPTokens address calldata stakingFundsVaults, LPToken calldata oldLPTokens, LPToken calldata newLPTokens, uint256 callda...

bringUnusedETHBackIntoGiantPool in GiantSavETHVaultPool can be used to steal LPTokens

Lines of code Vulnerability details Impact real LPTokens can be transferred out of GiantSavETHVaultPool through fake savETHVaults provided by an attacker. Proof of Concept bringUnusedETHBackIntoGiantPool takes in savETHVaults, lpTokens, and burns certain amount olpTokens. The tokens are thoroughl...

A malicious user can steal all the excess balance on the pool by calling the execute function with higher amount than the selling amount

Lines of code Vulnerability details Impact When an order is matched, the Buyer has the option to pay in either ETH, WETH or via the Pool contract. The Exchange smart contract implements a function returnDust which returns the extra ETH to the user, if she overpays. The function is implemented in...

deposit and withdraw emit the same event than mint and burn in ERC20 and can affect to Dapps

Lines of code Vulnerability details Impact Deposit and Withdraw emit the same event than burn and mint than ERC20 so it's not possible to distinguish in a DAPP than deposit and withdraw are not mint or burn and could affect to the DAPP logics. For example, cointracking.info could understand in a...

Upgraded Q -> M from #381 [1668467789168]

Judge has assessed an item in Issue 381 as M risk. The relevant finding follows: There is no limit for FlashLoanFee function setFlashLoanFeeuint256 flashLoanFee external override onlyOwner uint256 oldFlashLoanFee = flashLoanFee; if oldFlashLoanFee == flashLoanFee revert...

Upgraded Q -> M from #348 [1668468155840]

Judge has assessed an item in Issue 348 as M risk. The relevant finding follows: L01 Wrong parameter order inside beforeTokenTransfer in LBtoken::burn call should be beforeTokenTransferaccount, address0, id, amount; --- The text was updated successfully, but these errors were encountered: All...

Upgraded Q -> M from #451 [1668467945427]

Judge has assessed an item in Issue 451 as M risk. The relevant finding follows: THRESHOLD LIMIT CHECKS Certain parameters of the contracts can be configured to invalid values, causing a variety of issues and breaking expected interactions between contracts. setFlashLoanFee allows the owner of...

EVERY TIME ONCE _execute FUNCTION COMPLETED NEED TO SET isOpen TO 0. OTHERWISE WE CAN CALL EXECUTE FUNCTIONS MULTIMPLE TIMES.

Lines of code Vulnerability details Impact IN THIS WAY WE CAN CALL AND EXECUTE FUNCTIONS MULTIPLE TIMES . EVERY TIME BEFORE CALL EXECUTE NEED TO CALL INITIALIZE FUNCTIONS. Proof of Concept function executeInput calldata sell, Input calldata buy public payable reentrancyGuard internalCall...

[H-01] owner not set in Pool.sol

Lines of code Vulnerability details The pool.sol contract here is an UUPSUpgradeable contract. But there is no initialize function where Ownableinit is called , due to which owner is 0x0. It would be impossible to call authorizeUpgrade or change ownership of the contract. POC Adding the following...

Broken Upgradable Logic in Pool.sol

Lines of code Vulnerability details Impact The Pool smart contract allows a user to predeposit ETH so that it can be used when a seller takes their bid. It uses an ERC1967 proxy pattern and only the exchange contract is permitted to make transfers. The smart contract inherits the...

Pool designed to be upgradeable but does not set owner, making it unupgradeable

Lines of code Vulnerability details Description The docs state: "The pool allows user to predeposit ETH so that it can be used when a seller takes their bid. It uses an ERC1967 proxy pattern and only the exchange contract is permitted to make transfers." Pool is designed as an ERC1967 upgradeable...

Native funds on the aggregator contract balance is a free grab

Lines of code Vulnerability details Native funds on the aggregator contract balance is a free grabLooksRareAggregator's execute returns the native balance of the contract to the caller even when nothing was provided with the call. This happens when LooksRareAggregator's execute is called directly...

internalCall modifier can be circumvented with execute / bulkExecute

Lines of code Vulnerability details Impact The internalCall modifier ensures that public functions can only be called from another public function and not directly. It is implemented like that: modifier internalCall requireisInternal, "This function should not be called directly"; ; The modifier...