10190 matches found
internalCall modifier can be circumvented with execute / bulkExecute
Lines of code Vulnerability details Impact The internalCall modifier ensures that public functions can only be called from another public function and not directly. It is implemented like this: modifier internalCall { require(isInternal, "This function should not be called directly"); _; } The modifier...
Without strictly verifying the attribution of balance and the size of the balance when refunding, hackers may use the attack to steal all ERC20 tokens!
Lines of code Vulnerability details Impact When using any ERC20 token to purchase NFT, after the purchase is successful, the 108th line of code in the contract LooksRareAggregator determines whether there are any remaining unused ERC20 tokens. If there is any remaining, it will be returned to the...
The bulkExecute function does not bypass failed executions.
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. According to the documentation, "Add bulk execute function; attempted executions that fail should be bypassed". However, the implementation of bulkExecute does not conform to this spec. Fail executions...
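A bulk executor that actually honours the quoted spec, added here as an example and not LooksRare's code. The `Call` struct, `executeOne` and `ExecutionFailed` are assumed names; the point is that a failing call can only be skipped if it runs in its own external frame that `try`/`catch` can wrap.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Added example (not LooksRare code). Names below are assumptions.
contract BulkExecutor {
    struct Call {
        address target;
        bytes data;
        uint256 value;
    }

    event ExecutionFailed(uint256 index, bytes reason);

    // Per-call work lives in an external function so the loop can wrap it in try/catch.
    // Restricted to self-calls so it cannot be used as an open call forwarder.
    function executeOne(Call calldata c) external payable returns (bytes memory ret) {
        require(msg.sender == address(this), "Only self");
        bool ok;
        (ok, ret) = c.target.call{value: c.value}(c.data);
        if (!ok) {
            // bubble up the inner revert data so the outer catch receives it
            assembly { revert(add(ret, 32), mload(ret)) }
        }
    }

    // Shape that does NOT meet the spec: the first failing call reverts the whole batch.
    function bulkExecuteStrict(Call[] calldata calls) external payable {
        for (uint256 i = 0; i < calls.length; i++) {
            (bool ok, ) = calls[i].target.call{value: calls[i].value}(calls[i].data);
            require(ok, "Execution failed");
        }
    }

    // Spec-conforming shape: a failed execution is recorded and skipped, the rest proceed.
    function bulkExecute(Call[] calldata calls) external payable returns (bool[] memory results) {
        results = new bool[](calls.length);
        for (uint256 i = 0; i < calls.length; i++) {
            try this.executeOne{value: calls[i].value}(calls[i]) {
                results[i] = true;
            } catch (bytes memory reason) {
                emit ExecutionFailed(i, reason);
            }
        }
    }
}
```

Two caveats a reviewer would raise on such a design: the caller must send enough `msg.value` for every `value` in the batch, and `try`/`catch` only isolates reverts, so a call that burns the forwarded gas can still leave later entries with too little to run.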
Loss of user funds
Lines of code Vulnerability details Impact The LooksRareAggregator contract can receive ether but cannot return it unless through the returnERC20TokensIfAny or returnETHIfAny function. This means that there is a scenario where a user can accidentally transfer funds to this contract and those fund...
Closing a nonexistent credit can overflow the credit count variable in the LineOfCredit contract
Lines of code Vulnerability details The LineOfCredit contract doesn't verify if a credit exists and is properly initialized when closing it, and will update its state anyway, leading to an inconsistent count. Impact The close function in the LineOfCredit contract doesn't check if the given credit...
call() should be used instead of transfer() on address payable
Lines of code Vulnerability details Proof of Concept The use of the deprecated transfer function for an address will inevitably make the transaction fail when: 1. The claimer smart contract does not implement a payable function. 2. The claimer smart contract does implement a payable fallback whic...
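The two failure cases above side by side, as an added example rather than code from the audited project. `Claims` is a hypothetical contract with a per-address claimable balance; `StorageWritingClaimer` is the kind of receiver whose fallback costs more than the 2300 gas stipend that `transfer()` forwards.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Added example (not project code). Contract and function names are assumptions.
contract Claims {
    mapping(address => uint256) public claimable;
    bool private locked;

    modifier nonReentrant() {
        require(!locked, "reentrant");
        locked = true;
        _;
        locked = false;
    }

    function deposit() external payable {
        claimable[msg.sender] += msg.value;
    }

    // Vulnerable: transfer() forwards only 2300 gas. A claimer contract with no
    // payable fallback, or one whose fallback does more than emit an event,
    // cannot receive, and its funds are stuck.
    function claimWithTransfer() external {
        uint256 amount = claimable[msg.sender];
        claimable[msg.sender] = 0;
        payable(msg.sender).transfer(amount);
    }

    // Hardened: effects before interaction, call() with a checked return value,
    // and a reentrancy guard because call() forwards all remaining gas.
    function claimWithCall() external nonReentrant {
        uint256 amount = claimable[msg.sender];
        require(amount > 0, "nothing to claim");
        claimable[msg.sender] = 0;
        (bool ok, ) = payable(msg.sender).call{value: amount}("");
        require(ok, "ETH transfer failed");
    }
}

// A receiver whose receive() writes storage: the SSTORE alone exceeds 2300 gas,
// so claimWithTransfer() reverts for it while claimWithCall() succeeds.
contract StorageWritingClaimer {
    uint256 public received;

    receive() external payable {
        received += msg.value;
    }

    function fund(Claims c) external payable {
        c.deposit{value: msg.value}();
    }

    function claim(Claims c) external {
        c.claimWithCall();
    }
}
```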
Borrower can put their own address when submitting addCredit(), which can make the lender unable to withdraw tokens
Lines of code Vulnerability details Impact When calling addCredit, the borrower can choose to put in their own address as the lender instead of the actual lender. This can bring problems later on when the lender is trying to withdraw funds from the contract. They won't be able to withdraw the fun...
Line of credit status can be set to REPAID even if having credits with debt
Lines of code Vulnerability details A malicious borrower can close non-existing credits to alter the status of the credit to LineLib.STATUS.REPAID, even if having open credit with debt. Impact The close function in the LineOfCredit contract can be used to close non-existing credits, which will...
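The two findings above (the count going wrong and the status flipping to REPAID) come from the same missing check. The contract below is an added, simplified illustration and not Debt DAO's code; `Credit`, `count`, `Status` and the `unchecked` decrement are assumptions. With checked arithmetic the decrement from zero would revert instead of wrapping, but the status bug is the same either way.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Added example (not Debt DAO code). Names and layout are assumptions.
contract LineOfCreditLike {
    enum Status { ACTIVE, REPAID }

    struct Credit {
        address lender;
        uint256 principal;
        uint256 interestAccrued;
    }

    mapping(bytes32 => Credit) public credits;
    uint256 public count;                 // number of open credits
    Status public status = Status.ACTIVE;
    address public immutable borrower;

    constructor() { borrower = msg.sender; }

    function addCredit(bytes32 id, address lender, uint256 principal) external {
        require(msg.sender == borrower, "not borrower");
        require(lender != address(0) && credits[id].lender == address(0), "bad id");
        credits[id] = Credit(lender, principal, 0);
        count++;
    }

    // Vulnerable: an id that was never added has principal 0 and interest 0, so the
    // debt check passes and count is decremented anyway. With one real credit open
    // (count == 1) a fake id brings count to 0 and flips status to REPAID while the
    // real credit still carries debt. With count == 0 the unchecked decrement wraps
    // to 2**256 - 1.
    function closeVulnerable(bytes32 id) external {
        require(msg.sender == borrower, "not borrower");
        Credit storage c = credits[id];
        require(c.principal == 0 && c.interestAccrued == 0, "debt outstanding");
        delete credits[id];
        unchecked { count--; }
        if (count == 0) status = Status.REPAID;
    }

    // Hardened: refuse to close an id that does not exist. lender is set in
    // addCredit and is never zero for a live credit, so it serves as the existence flag.
    function close(bytes32 id) external {
        require(msg.sender == borrower, "not borrower");
        Credit storage c = credits[id];
        require(c.lender != address(0), "credit does not exist");
        require(c.principal == 0 && c.interestAccrued == 0, "debt outstanding");
        delete credits[id];
        count--;
        if (count == 0) status = Status.REPAID;
    }
}
```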
Borrower can craft a borrow that cannot be liquidated, even by arbiter.
Lines of code Vulnerability details Description LineOfCredit manages an array of open credit line identifiers called ids. Many interactions with the Line operate on ids[0], which is presumed to be the oldest borrow which has non zero principal. For example, borrowers must first deposit and repay to...
No commitment to data passed as input to the init contract during the execution of the diamond cut proposal
Lines of code Vulnerability details Description There is a function executeDiamondCutProposal in the DiamondCutFacet contract. It checks that proposal data passed as input to this call is equal to the data that is declared when the creation of this proposal using the following logic: require...
Draining baseToken from contract by calling finalize function multiple times
Lines of code Vulnerability details Impact Draining baseToken from SizeSealed contract by calling finalize function multiple times Proof of Concept The finalize function can be called multiple times by providing clearingQuote to type(uint128).max. Currently inside finalize function there is no chec...
[PNM-002] finalize with malicious input may lock bidder funds in the contract
Lines of code Vulnerability details Description The finalize function of the contract SizeSealed is used to finalize an auction, allowing the auctioneer or seller to be paid quote tokens and also eventually allowing successful bidders to withdraw base tokens. Once the finalize function is called,...
quoteToken could be fee-on-transfer token
Lines of code Vulnerability details Impact Some ERC20 tokens could have fees for each transfer; they are known as "fee-on-transfer" tokens. While there is a check inside the createAuction function that prevents these tokens from being baseToken, FoT tokens are still allowed to be quoteToken, which could...
Any use of fee-on-transfer tokens as quote tokens in auctions will result in freeze or loss of funds for users.
Lines of code Vulnerability details Description SIZE auctions do not support fee-on-transfer tokens. The platform rejects taxed baseToken during createAuction: // Passes https://github.com/transmissions11/solmate/blob/main/src/utils/SafeTransferLib.sol#L9 // Transfer base tokens to auction contrac...
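The balance-delta check that both fee-on-transfer findings above call for, as an added example and not SIZE's code. `BidEscrow` and `TaxedToken` are hypothetical; the token burns 1% on every transfer so the gap between the requested and the received amount is visible.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Added example (not SIZE code). Contract names and fee rate are assumptions.
interface IERC20 {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
    function balanceOf(address account) external view returns (uint256);
}

contract BidEscrow {
    // auctionId => bidder => quote tokens credited
    mapping(uint256 => mapping(address => uint256)) public bidQuote;

    // Vulnerable: credits the requested amount, but a taxed token delivers less.
    // Later payouts (refunds, seller proceeds) draw on tokens the contract never got,
    // so the last withdrawers find the balance short and are frozen out.
    function bidUnchecked(uint256 auctionId, IERC20 quoteToken, uint256 amount) external {
        require(quoteToken.transferFrom(msg.sender, address(this), amount), "transfer failed");
        bidQuote[auctionId][msg.sender] += amount;
    }

    // Hardened: measure what actually arrived. Here the contract rejects taxed tokens
    // outright, which is what the page says createAuction already does for baseToken;
    // crediting `received` instead of `amount` would be the alternative.
    function bidChecked(uint256 auctionId, IERC20 quoteToken, uint256 amount) external {
        uint256 before = quoteToken.balanceOf(address(this));
        require(quoteToken.transferFrom(msg.sender, address(this), amount), "transfer failed");
        uint256 received = quoteToken.balanceOf(address(this)) - before;
        require(received == amount, "fee-on-transfer token not supported");
        bidQuote[auctionId][msg.sender] += received;
    }
}

// Constructed fee-on-transfer token: 1% of every transfer is burned.
contract TaxedToken is IERC20 {
    uint256 public constant FEE_BPS = 100;
    mapping(address => uint256) public override balanceOf;
    mapping(address => mapping(address => uint256)) public allowance;

    constructor() { balanceOf[msg.sender] = 1_000_000e18; }

    function approve(address spender, uint256 amount) external returns (bool) {
        allowance[msg.sender][spender] = amount;
        return true;
    }

    function transferFrom(address from, address to, uint256 amount) external override returns (bool) {
        allowance[from][msg.sender] -= amount;
        balanceOf[from] -= amount;
        uint256 fee = amount * FEE_BPS / 10_000;
        balanceOf[to] += amount - fee;          // recipient gets 99%
        return true;
    }
}
```

The delta check assumes the token cannot re-enter during `transferFrom` (ERC777-style hooks) and is not rebasing; for those, an explicit allowlist of supported quote tokens is the safer rule.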
Malicious seller can finalize his/her auction without changing data.lowestQuote; then the auction's state will not be updated to States.finalized, and this seller can repeat finalize or cancel the auction to steal tokens from the contract
Lines of code Vulnerability details Vulnerable details In the contract, an auction's state will be States.Finalized if data.lowestQuote of this auction is different from type(uint128).max. (L33-34) data.lowestQuote is assigned to equal clearingQuote when the seller finalizes the auction. (L238) This value will be...
Contracts will not work correctly after February 2106. Vesting will be locked forever if withdrawn after February 2106.
Lines of code Vulnerability details Impact Contracts will not work correctly after February 2106. Migration has costs and is risky. You shouldn't pass on this work to future programmers. You should fix it in the first place. In case anything goes wrong during migration, a big fund loss will...
Attacker can drain the SizeSealed.sol contract.
Lines of code Vulnerability details Impact An attacker can drain the SizeSealed.sol contract by creating a fake auction and manipulating some contract logic. POC Assuming that the SizeSealed.sol initially contains 10000 DAI tokens, I'll demonstrate how an attacker can steal these tokens. The bug i...
Cross-chain replay attacks are possible with create2()
Lines of code Vulnerability details Impact Mistakes made on one chain can be re-applied to a new chain There is no chain.id in the create2 function data If a user does create2 using the wrong network, an attacker can replay the action on the correct chain, and steal the funds a-la the wintermute...
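A factory that binds the create2 salt to the chain and the caller, as an added example rather than the audited project's code. `deployReplayable` has the replayable shape described above; `deployBound` and `predictBound` are hypothetical names.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Added example (not project code). Function names are assumptions.
contract Create2Factory {
    event Deployed(address addr, bytes32 effectiveSalt);

    // Replayable: (factory, bytecode, salt) yields the same address on every chain,
    // so a deployment made on the wrong network can be reproduced on the right one
    // by anyone, and whoever does it controls the contract at that address.
    function deployReplayable(bytes memory bytecode, bytes32 userSalt) external returns (address addr) {
        assembly { addr := create2(0, add(bytecode, 32), mload(bytecode), userSalt) }
        require(addr != address(0), "create2 failed");
        emit Deployed(addr, userSalt);
    }

    // Bound: the effective salt mixes block.chainid and msg.sender. The address now
    // differs per chain, and a third party cannot claim it on another chain because
    // they are not the original msg.sender.
    function deployBound(bytes memory bytecode, bytes32 userSalt) external returns (address addr) {
        bytes32 salt = keccak256(abi.encode(block.chainid, msg.sender, userSalt));
        assembly { addr := create2(0, add(bytecode, 32), mload(bytecode), salt) }
        require(addr != address(0), "create2 failed");
        emit Deployed(addr, salt);
    }

    // Lets a user check the bound address before sending funds to it.
    function predictBound(bytes memory bytecode, bytes32 userSalt, address deployer)
        external view returns (address)
    {
        bytes32 salt = keccak256(abi.encode(block.chainid, deployer, userSalt));
        return address(uint160(uint256(keccak256(abi.encodePacked(
            bytes1(0xff), address(this), salt, keccak256(bytecode)
        )))));
    }
}
```

Including `block.chainid` alone already stops the cross-chain replay; mixing in `msg.sender` additionally stops front-running of a known salt on the same chain.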
[Tomo-H1] All funds can drain if some conditions matched
Lines of code Vulnerability details function finalizeWithdrawal(uint256 l2BlockNumber, uint256 l2MessageIndex, uint16 l2TxNumberInBlock, bytes calldata message, bytes32[] calldata merkleProof) external nonReentrant senderCanCallFunction(allowList)...
Double spending risk in L1 Bridge Contract
Lines of code Vulnerability details Impact There is double spending risk in L1 Bridge Contract. The user may call claimFailedDeposit to release their locked fund while they still have token balance in L2 network. Proof of Concept Let us focus on the L1ERC20Bridge.sol /// @dev Withdraw funds from...
replenishmentPriceBps can be set arbitrarily high by the operator
Lines of code Vulnerability details Impact The operator can increase the debt of a user with any deficit, beyond what is reasonable. Proof of Concept replenishmentPriceBps can be set arbitrarily high by the operator: function setReplenishmentPriceBps(uint newReplenishmentPriceBps) public onlyOperat...
If transferring DBR after borrowing DOLA in same transaction, DBR amount that is used already for borrowing DOLA can still be shared to allow users who do not own DBR to borrow DOLA
Lines of code Vulnerability details Impact Although my other finding named "DOLA can be borrowed without owning any DBR" indicates that users who do not own any DBR can still borrow DOLA, the design still appears to only allow the DBR owners to borrow DOLA; this is confirmed by , which states tha...
Transfer from does not make check for allowance size
Lines of code Vulnerability details Impact Transfer from does not make check for allowance size Proof of Concept Tools Used Static analytics Recommended Mitigation Steps Add check to be sure that currentAllowance >= amount is true
Deprecated ChainLink API
Lines of code Vulnerability details Impact According to Chainlink's documentation, the latestAnswer function is deprecated. This function might suddenly stop working if Chainlink stops supporting deprecated APIs. And the old API can return stale data. Proof of Concept function latestAnswer() externa...
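The replacement the finding asks for: `latestRoundData()` with the staleness checks that `latestAnswer()` cannot give you. This is an added example and not the audited oracle; `PriceConsumer` and the `heartbeat` parameter are assumptions, while `AggregatorV3Interface` is the real Chainlink interface shape.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Chainlink's V3 aggregator interface (only the members used here).
interface AggregatorV3Interface {
    function decimals() external view returns (uint8);
    function latestAnswer() external view returns (int256); // deprecated
    function latestRoundData()
        external view
        returns (uint80 roundId, int256 answer, uint256 startedAt, uint256 updatedAt, uint80 answeredInRound);
}

// Added example (not project code). heartbeat is the feed's documented update interval,
// e.g. 3600 for a feed that refreshes at least hourly; it is a per-feed assumption.
contract PriceConsumer {
    AggregatorV3Interface public immutable feed;
    uint256 public immutable heartbeat;

    constructor(AggregatorV3Interface _feed, uint256 _heartbeat) {
        feed = _feed;
        heartbeat = _heartbeat;
    }

    // Deprecated shape: no timestamp, no round id, so a frozen feed is indistinguishable
    // from a live one, and a negative answer would be cast into a huge price.
    function getPriceDeprecated() external view returns (uint256) {
        return uint256(feed.latestAnswer());
    }

    // Hardened: positive answer, recent update, completed round, then normalise to 18 decimals.
    function getPrice() external view returns (uint256 price18) {
        (uint80 roundId, int256 answer, , uint256 updatedAt, uint80 answeredInRound) = feed.latestRoundData();
        require(answer > 0, "invalid price");
        require(updatedAt != 0 && block.timestamp - updatedAt <= heartbeat, "stale price");
        require(answeredInRound >= roundId, "incomplete round");

        uint8 d = feed.decimals();
        price18 = d <= 18
            ? uint256(answer) * 10 ** (18 - d)
            : uint256(answer) / 10 ** (d - 18);
    }
}
```

On an L2, a sequencer-uptime feed check belongs in the same function; the heartbeat value must match the specific feed's documented interval or the contract will either accept stale prices or revert on healthy ones.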
# [KB123-M-1]. return (timestamp / WEEK) * WEEK; is in seconds instead of weeks.
Lines of code Vulnerability details Medium Report KB123-M-1. return (timestamp / WEEK) * WEEK; is in seconds instead of weeks. Vulnerability details Impact return (timestamp / WEEK) * WEEK; is in seconds. Rounded by seconds in 1 week instead of weeks, causing timestamp logic to be broken. POC Epoch timestamp...
The decimal calculation is wrong for tokens with decimals < 18, it will highly inflate the price.
Lines of code Vulnerability details Impact The decimal calculation is wrong for tokens with decimals < 18; it will highly inflate the price. Every function that uses the oracle price, such as borrow and liquidation, will be wrong for tokens with decimals < 18. Proof of Concept uint8 decimals = 36 -...
A single point of failure is not acceptable for this project
Lines of code Vulnerability details Impact The pause function in WardenPledge.sol is a single point of failure: onlyOwner can stop the whole project. The owner is not behind a multisig and changes are not behind a timelock. This information is not in the documents. Even if protocol admins/developers are n...
In DBR.sol, when burning, dueTokensAccrued is not decreased
Lines of code Vulnerability details Impact When burning we should also decrease the dueTokensAccrued balance as there is no other way to decrease it, and it makes sense that repaying the DBR should reduce the token debt. Proof of Concept The dueTokensAccrued can only increase l.288, while when...
[M1] Owner can steal any createdPledge's tokens
Lines of code Vulnerability details Impact Malicious owner can steal any created pledge even to drain the whole contract Proof of Concept Functions like recoverERC20 are good to recover tokens accidentally transferred to a contract. The common approach for these function is to exclude real tokens...
arbitrary send erc20 safeTransferFrom
Lines of code Vulnerability details Impact uses arbitrary from in safeTransferFrom when msg.sender is not used as from in safeTransferFrom. Proof of Concept Alice approves this contract to spend her ERC20 tokens. Bob can call a and specify Alice's address as the from parameter in safeTransferFrom...
Public Detectors arbitrary send erc20
Lines of code Vulnerability details Impact This flaw allows user B to steal the tokens approved by user A Proof of Concept Exploit Scenario: function a(address from, address to, uint256 amount) public { erc20.transferFrom(from, to, am); } Alice approves this contract to spend her ERC20 tokens. Bob can ca...
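The Alice/Bob scenario from the two findings above, in an added example that is not the audited project's code. `Deposits` and `Bob` are hypothetical; the fix is the one both findings imply: `from` is always `msg.sender`, and a third party may only ever be the beneficiary.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Added example (not project code). Contract names are assumptions.
interface IERC20 {
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

contract Deposits {
    IERC20 public immutable token;
    mapping(address => uint256) public balance;

    constructor(IERC20 _token) { token = _token; }

    // Vulnerable: the caller picks `from`. Anyone who has approved this contract
    // (for any reason) can have their tokens pulled and credited to the caller.
    function depositArbitraryFrom(address from, address to, uint256 amount) external {
        require(token.transferFrom(from, address(this), amount), "transfer failed");
        balance[to] += amount;
    }

    // Hardened: only the caller's own approval is spent. Depositing on behalf of
    // someone else is still possible, but only as the recipient of the credit.
    function deposit(address to, uint256 amount) external {
        require(token.transferFrom(msg.sender, address(this), amount), "transfer failed");
        balance[to] += amount;
    }
}

// Bob's side of the exploit: Alice has approved Deposits; Bob credits himself with her tokens.
contract Bob {
    function steal(Deposits d, address alice, uint256 amount) external {
        d.depositArbitraryFrom(alice, address(this), amount);
    }
}
```

The legitimate exception is a `from` that is authorised by something other than the allowance, for example an EIP-2612 permit signature or an explicit operator mapping checked in the same call; without such a check, an arbitrary `from` is always a theft primitive.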
Recursive call attack of the fallback function of Holographer
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. The fallback function will forward all calls except those that appear in Holographer to the HolographerEnforcer which is obtained by calling address holographEnforcer = getHolographEnforcer(); However, if...
Pod can (likely) be chosen by miner
Lines of code Vulnerability details Impact The miner can choose the pod with high probability. Proof of Concept The random number generation can be easily influenced by the miner by setting block.timestamp to within an acceptable range of some 10-15 consecutive values (seconds). Since this is hashe...
Pseudo randomness is not recommended
Lines of code Vulnerability details Impact Use of pseudo randomness on chain is not recommended as it can be predicted by anyone; this can affect value in case of minting or withdrawing in some scenarios Proof of Concept Tools Used Recommended Mitigation Steps Use oracles
Beneficiary loses credit when specifying payment with flag _dontMint = true
Lines of code Vulnerability details Impact In the function processPayment, it will use provided JBDidPayData to mint to the beneficiary. The payment can specify some flags to help guiding how balance will be used to mint. There is a flag dontMint indicating if the transaction should not mint...
Attacker can steal entire reserves by abusing fee calculation
Lines of code Vulnerability details Description Similar to other LP pools, In Trader Joe users can call mint to provide liquidity and receive LP tokens, and burn to return their LP tokens in exchange for underlying assets. Users collect fees using collectFees(account, binID). Fees are implemented...
Redemption weight of tiered NFTs miscalculates, making users redeem incorrect amounts - Bug #1
Lines of code Vulnerability details Description Redemption weight is a concept used in Juicebox to determine investor's eligible percentage of the non-locked funds. In redeemParams, JB721Delegate calculates user's share using: uint256 redemptionWeight = redemptionWeightOf(decodedTokenIds); uint256...
Loss of user funds by balance manipulation
Lines of code Vulnerability details Impact Breaking of the accounting logic, loss of user funds Proof of Concept The project uses LBPair's mint function to mint LBTokens to the user with additional safety checks when the user provides liquidity to the pair...
Beneficiary credit balance can unwillingly be used to mint low tier NFT
Lines of code Vulnerability details Impact In the function processPayment, it will use provided JBDidPayData from JBPaymentTerminal to mint to the beneficiary. The value from JBDidPayData will be summed up with the previous credit balance of the beneficiary. There are 2 cases where the beneficiary credit balanc...
Deactivated tiers can still mint reserve tokens, even if no non-reserve tokens were minted.
Lines of code Vulnerability details Description Tiers in Juicebox can be deactivated using the adjustTiers function. It makes sense that reserve tokens may be minted in deactivated tiers, in order to be consistent with already minted tokens. However, the code allows the first reserve token to be...
NFT owner can keep adding new tiers to increase the NFT supply with no upper limit, diluting the redemption power of NFTs from old tiers
Lines of code Vulnerability details Impact Owner can adjust tiers, adding tiers with no restriction. function adjustTiers(JB721TierParams[] calldata tiersToAdd, uint256[] calldata tierIdsToRemove) // Add the tiers. if (numberOfTiersToAdd != 0) { // Record the added tiers in the store. uint256[] memory...
Uninitialized Storage Variables
Lines of code github.com/jbx-protocol/juice-nft-rewards/blob/f9893b1497098241dd3a664956d8016ff0d0efd0/contracts/JBTiered721DelegateStore.sol#L344 github.com/jbx-protocol/juice-nft-rewards/blob/f9893b1497098241dd3a6649568016ff0d0efd0/contracts/JBTiered721DelegateStore.sol#L1024 Vulnerability details...
The tier setting parameters are unsafely downcast from type uint256 to type uint80 / uint48 / uint40 / uint16
Lines of code Vulnerability details Impact The tier setting parameters are unsafely downcast from uint256 to uint80 / uint48 / uint16. The tiers set by the owner are crucial because the parameters affect how the NFT is minted. The call stack is JBTiered721Delegate.sol initialize -> Store.recordAddTier...
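Both this finding and the February 2106 one above are the same class of bug: a wide integer squeezed into a narrow field with a bare cast. The block below is an added example and not Juicebox's or the vesting project's code; the minimal `SafeCast` library mirrors what OpenZeppelin ships, and `TierStore` and `Vesting` with their field widths are assumptions chosen to match the widths named in the finding.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Added example (not project code). Minimal SafeCast; OpenZeppelin's library is equivalent.
library SafeCast {
    function toUint80(uint256 v) internal pure returns (uint80) {
        require(v <= type(uint80).max, "SafeCast: uint80 overflow");
        return uint80(v);
    }
    function toUint64(uint256 v) internal pure returns (uint64) {
        require(v <= type(uint64).max, "SafeCast: uint64 overflow");
        return uint64(v);
    }
    function toUint48(uint256 v) internal pure returns (uint48) {
        require(v <= type(uint48).max, "SafeCast: uint48 overflow");
        return uint48(v);
    }
    function toUint40(uint256 v) internal pure returns (uint40) {
        require(v <= type(uint40).max, "SafeCast: uint40 overflow");
        return uint40(v);
    }
    function toUint16(uint256 v) internal pure returns (uint16) {
        require(v <= type(uint16).max, "SafeCast: uint16 overflow");
        return uint16(v);
    }
}

// Hypothetical tier store with packed fields of the widths the finding names.
contract TierStore {
    struct Tier {
        uint80 contributionFloor;
        uint48 remainingQuantity;
        uint40 initialQuantity;
        uint16 reservedRate;
    }
    Tier[] public tiers;

    // Unsafe: an explicit cast keeps only the low bits. A floor of 2**80 + 1 wei is
    // stored as 1 wei, and a reservedRate of 65537 becomes 1.
    function addTierUnchecked(uint256 floor, uint256 quantity, uint256 rate) external {
        tiers.push(Tier(uint80(floor), uint48(quantity), uint40(quantity), uint16(rate)));
    }

    // Safe: a value outside the field's range reverts instead of wrapping.
    function addTier(uint256 floor, uint256 quantity, uint256 rate) external {
        tiers.push(Tier(
            SafeCast.toUint80(floor),
            SafeCast.toUint48(quantity),
            SafeCast.toUint40(quantity),
            SafeCast.toUint16(rate)
        ));
    }
}

// Hypothetical vesting schedule: uint32 seconds wrap at 2**32 = 4294967296,
// which is 7 February 2106. An end date past that is stored as a small number.
contract Vesting {
    uint32 public endTruncated;
    uint64 public end;

    function setEnd(uint256 endTimestamp) external {
        endTruncated = uint32(endTimestamp);     // silently wrong after 2106
        end = SafeCast.toUint64(endTimestamp);    // reverts loudly instead
    }
}
```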
The arithmetic operator can overflow
Lines of code Vulnerability details Impact It is possible to cause an integer overflow or underflow in the arithmetic operation. Description An overflow/underflow happens when an arithmetic operation reaches the maximum or minimum size of a type. For instance if a number is stored in the uint8...
Standard policy price matching is flawed
Lines of code Vulnerability details Impact Already placed orders may be highly unlikely to be matched and executed. An order has to be created specifically for an already existing order with the intent to match and execute it. This severely impedes the functionality of the exchange, wastes...
Passing chain id from outside
Lines of code Vulnerability details Impact Passing chain id from outside. Incorrect chain id can be passed. Proof of Concept Tools Used Static analytics Recommended Mitigation Steps Use assembly to obtain current chain id.
USE OF SOLIDITY VERSION 0.8.14 WHICH HAS KNOWN ISSUES APPLICABLE TO Blur Exchange
Lines of code Vulnerability details Vulnerability details Vulnerability related to 'Optimizer Bug Regarding Memory Side Effects of Inline Assembly' ref : Blur Exchange inherits solidity contracts from openzeppelin and these use inline assembly, and optimization is enabled while compiling...
ERC1155's Amount Parameter Manipulation To Steal Buyers' Funds
Lines of code Vulnerability details Vulnerability Details We discovered that a rogue seller, i.e., attacker, can place an order for selling N amount where N > 1 of a specific token id of an ERC-1155 NFT collection. However, when the sell order is fulfilled by a buyer, the attacker would spend only 1...
StandardPolicyERC1155.sol doesn't validate the order.amount properly.
Lines of code Vulnerability details Impact StandardPolicyERC1155.sol doesn't validate the order.amount properly. This contract is used to check a policy for matching orders of ERC1155 tokens. But it doesn't check the amount of ERC1155 token properly and traders might lose their funds unexpectedly...
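The two ERC-1155 findings above describe the same gap: the policy compares tokenId and price but never the amount. The library below is an added, simplified illustration and not Blur's StandardPolicyERC1155; `Order`, `Side` and `AssetType` are reduced to the fields needed, and the hard-coded amount of 1 in the vulnerable shape is the behaviour the findings describe.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Added example (not Blur code). Types are simplified assumptions.
enum Side { Buy, Sell }
enum AssetType { ERC721, ERC1155 }

struct Order {
    address trader;
    Side side;
    address collection;
    uint256 tokenId;
    uint256 amount;
    address paymentToken;
    uint256 price;
}

library ERC1155Policy {
    // Vulnerable shape: amount is neither compared nor returned; the exchange is
    // told to move exactly 1 unit. A seller lists N copies at price P, the buyer
    // pays P and receives one copy.
    function canMatchVulnerable(Order memory makerAsk, Order memory takerBid)
        internal pure returns (bool, uint256, uint256, uint256, AssetType)
    {
        bool ok = makerAsk.side != takerBid.side
            && makerAsk.paymentToken == takerBid.paymentToken
            && makerAsk.collection == takerBid.collection
            && makerAsk.tokenId == takerBid.tokenId
            && makerAsk.price == takerBid.price;
        return (ok, makerAsk.price, makerAsk.tokenId, 1, AssetType.ERC1155);
    }

    // Hardened: amount is part of the match and is the quantity actually transferred,
    // so what the buyer pays for and what the buyer receives cannot diverge.
    function canMatch(Order memory makerAsk, Order memory takerBid)
        internal pure returns (bool, uint256, uint256, uint256, AssetType)
    {
        bool ok = makerAsk.side != takerBid.side
            && makerAsk.paymentToken == takerBid.paymentToken
            && makerAsk.collection == takerBid.collection
            && makerAsk.tokenId == takerBid.tokenId
            && makerAsk.price == takerBid.price
            && makerAsk.amount == takerBid.amount
            && makerAsk.amount > 0;
        return (ok, makerAsk.price, makerAsk.tokenId, makerAsk.amount, AssetType.ERC1155);
    }
}
```

Whatever amount the policy returns must also be the amount the exchange passes to `safeTransferFrom`; validating it in the policy but ignoring it at transfer time reintroduces the same mismatch.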
Underhanded meaning of expirationTime == 0
Lines of code Vulnerability details Impact The pwner of BlurExchange can reject the rigor of code and fulfill the ambiguity of human expression, forcing a reinterpretation of expirationTime == 0 to "no expiration time at all". Unexpirable orders in the vicissitudes of the crypto markets do not...