The users are not able to withdraw the swapped amount
Lines of code Vulnerability details Impact The user will invoke swap from Operator.sol to swap their OHM tokens. But he will transfer their OHM and will never get the AmountOut Proof of Concept On Operator.sol: 1- invoking swap with tokenIn == ohm 2- the ohm.safeTransferFrommsg.sender, addressthi...
Treasury module is vulnerable to cross-contract reentrancy
Lines of code Vulnerability details Impact An attacker can pay back their loan to the treasury module with protocol-owned tokens. This will cause their loan to decrease even though the protocol won't be given funds for it. Proof of Concept The code first measures the number of tokens in the treasury,...
Non-standard/Malicious token transfers may cause loans not to be paid.
Lines of code Vulnerability details Impact Non-standard token transfers may cause loans not to be paid. Proof of Concept The TRSRY.sol has repayLoan function for the users to repay their loan as per the ERC20 token. The function is as below; function repayLoanERC20 token, uint256 amount external...
User with 33% votes held can execute self-endorsed Proposal
Lines of code Vulnerability details Impact Two issues here with one being low/medium and another being high severity. Not sure if it should be put into 2 separate reports. For OlympusGovernance contract in Governance.sol , a Proposal submitter can self-endorse a proposal they submitted themselves...
quorumvotes() on LogicV2 changed its signature.
Lines of code Vulnerability details Impact The team states: // NounsDAOLogicV2 removes: // - quorumVotes has been replaced by quorumVotesuint256 proposalId. But the signature of the function changed. It is a read-only function and it is hard to imagine a bad transaction flow with it. But is a bad...
The attacker consumes the contract's balance by controlling the gas-price or gas-used.
Lines of code Vulnerability details Impact The attacker consumes all of the contract's balance by controlling the gasPrice and gasUsed. Proof of Concept function refundGasuint256 startGas internal unchecked uint256 balance = addressthis.balance; if balance == 0 return; uint256 gasPrice =...
Check the return of .call when sending Ether
Lines of code Vulnerability details Impact It's considered a best practice to always check the return of the transaction when sending Ether with .call, since it's possible for a tx failure due to external factors out of the contract control. Currently, the contract emits an event with the result...
User can lose all governance power
Lines of code Vulnerability details Impact Contract is missing self delegation in case of delegateBySig function. This means if delegateBySig is called with zero address delegatee then User votes will be burned instead of setting delegatee to signatory Proof of Concept 1. User calls delegateBySig...
Users will never receive their borrow amount after tx the collateral
Lines of code Vulnerability details Impact You are not able to receive any borrowed amount after adding addCollateral Proof of Concept By invoking addCollateral you will transfer an amount of collateralAmount to the Pair But you will receive any borrowed amount Recommended Mitigation Steps Invoke...
Even if the _isBorrowerWhitelistActive is not active, contract can get deployed if _maxLTV < LTV_PRECISION
Lines of code Vulnerability details Impact FraxlendPairCore can get deployed even if isBorrowerWhitelistActive is not active. Proof of Concept if maxLTV = LTVPRECISION && !isBorrowerWhitelistActive revert BorrowerWhitelistRequired; The above condition reverts when both conditions are true. In case,...
Different SafeERC20 contracts are being used
Lines of code Vulnerability details Impact Two different contracts with the name SafeERC20 are being used. Proof of Concept Tools Used Vim Recommended Mitigation Steps Use a different name for the contract.
Multiplication performed after division can truncate the results
Lines of code Vulnerability details Multiplication performed after division can truncate the results Impact Solidity could truncate the results, performing multiplication before division will prevent rounding/truncation in solidity math. Details This can affect variables such as slopes, interests...
LinearInterestRate mode has the risk of drastic fluctuation of interestRate by flash borrow attack, make borrower pay more interest
Lines of code Vulnerability details Impact In LinearInterestRate mode, the minInterest can be as low as MININT=0, and the maxInterest can be as high as MAXINT=146248508681. In getNewRate function, the newRate is determined by utilization. If utilization=1e5, the interestRate can be MAXINT. There...
Borrower can pay very little collateral for a huge amount of more valuable asset.
Lines of code Vulnerability details Impact When an approved borrower calls borrowAsset , they are able to borrow as much asset as possible and passing the user controlled collateralAmount input with a lesser value worth of collateral. For example, a user can pay 1 USDC collateral and receive 1000...
Possible frontrunning attack in Vault.
Lines of code Vulnerability details Impact First depositor will have the control of the vault and drain user funds. Proof of Concept The project uses VaultAccount.sol library for math implementations. To determine the number of shares to mint to a depositor, shares = amount total.shares /...
Owner can change timelock at any time
Lines of code Vulnerability details Contract FraxlendPair implements logic for changing timelock and protocol fee. The functionality of changing fee is reserved to TIMELOCKADDRESS which is expected to be a timelock contract that protects users from accidental changes of fee while using the...
Bad access control in AdminRole.sol can lead to all funds being stolen from FoundationTreasury.sol
Lines of code Vulnerability details Proof of concept FoundationTreasury.sol inherits CollateralManagement.sol which has the method function withdrawFundsaddress payable to, uint256 amount external onlyAdmin that can withdraw the whole balance of the treasury to the to address. It looks like it is...
Blocklist contract lack an unblock mechanism
Lines of code Vulnerability details Impact In Blocklist contract, the manager can block a contract from accessing VotingEscrow by calling the block function. If the manager calls the block function on a contract due to some misunderstanding, the manager cannot resume the contract's access to...
Creator can be incorrectly paid because of array truncate when distributing mint fee.
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. The creatorRecipient and creatorShares can be forcefully truncated to a fixed length. And the truncated creator is not paid. Proof of Concept Provide direct links to all referenced code in GitHub. Add...
The current implementation of the VotingEscrow contract doesn't support fee on transfer tokens
Lines of code Vulnerability details Impact Some ERC20 tokens are implemented so that a fee is taken when transferring them, for example STA and PAXG. The current implementation of the VotingEscrow contract will mess up the accounting of the locked amounts if the token is a token like that, which will lead...
increaseUnlockTime missing _checkpoint for delegated values
Lines of code Vulnerability details PNM-001 increaseUnlockTime missing checkpoint for delegated values. Links Description In the VotingEscrow contract, users can increase their voting power by: Adding more funds to their delegated value Increasing the time of their lock Being delegated by anothe...
Operator can use reentrancy within mintFromFixedPriceSale to bypass limitPerAccount.
Lines of code Vulnerability details Impact An operator can pass a contract as the buyReferrer parameter. When distributeFunds is called it sends ETH to the contracts' receive function. After transferring any NFTs the contract may have to another contract it calls mintFromFixedPriceSale passing a...
rbData.toCollateral address can be different than the token address set in swapData.dexTxData.
Lines of code Vulnerability details Impact rbData.toCollateral address can be different than the token address set in swapData.dexTxData. A manager can supply toCollateral address of the collateral within the contract but supply a different address in swapParams.dexTxData such that the contract...
The MIMOVaultActions contract cannot withdraw assets to the user
Lines of code Vulnerability details Impact The MIMOVaultActions contract provides users with the functions of depositing, withdrawing and borrowing assets, which is called by the delegatecall of the MIMOProxy contract. But when borrowing or withdrawing assets, there is no function provided to giv...
Manager is able to charge an excessive fee by taking out a larger than necessary flash loan
Lines of code Vulnerability details Impact The manager's fee is determined by the flash loan amount he takes out. A manager can take out a large flash loan to increase the fee due to him. Proof of Concept Manager needs to rebalance a vault. Manager only needs 50k flash loan. Manager takes out 2m...
[H3] Persisted msg.value in a loop of delegate calls can be used to drain ETH from your proxy
Lines of code Vulnerability details Impact msg.value in a loop can be used to drain proxy funds PoC While BoringBatchable is out of the scope, this bug affects seriously MIMOProxy as it inherits. Some time ago I read a report about an auditor called samczsung . I believe that you are having the...
Caller is able to set management params in a MIMOManagedRebalance proxy he doesn't own
Lines of code Vulnerability details Impact A caller is able to set management params with any MIMOManagedRebalance proxy as long as the caller is a vault owner, the caller has deployed a proxy, and the caller is set as a manager of said vault. Proof of Concept Using the MIMOProxy's multi-call, ca...
Calculating project cost is vulnerable to reaching block gas-limit
Lines of code Vulnerability details Impact The function Project.projectCost calculates the project costs by calculating the sum of all project task costs. However, due to the unbound for loop, iterating over a potentially large amount of project tasks, this function can potentially DoS due to...
Malicious callers can replay disputes
Lines of code Vulnerability details Unlike some of the other signature based operations in the Rigor system, dispute signatures do not include a nonce and are vulnerable to replay attacks. This is similar to my finding in 339, but lower severity, since it is more of a spamming/griefing vector...
No check if 'ecrecover()' fails
Lines of code Vulnerability details Impact addMember function makes a call to 'ecrecover' to grab the 'community owner' & 'new member'. The problem is that if 'ecrecover' fails it will return a 0 which is currently not guarded against. This was a problem in the famous Polygon Matic token bug. The...
Automation / management can be set for not yet existing vault
Lines of code Vulnerability details Impact & Proof Of Concept vaultOwner returns zero for a non-existing vaultId. Similarly, proxyRegistry.getCurrentProxymsg.sender returns zero when msg.sender has not deployed a proxy yet. Those two facts can be combined to set automation for a vault ID that doe...
block.timestamp used as time proxy
Lines of code Vulnerability details block.timestamp used as time proxy Summary: Risk of using block.timestamp for time should be considered. Details: block.timestamp is not an ideal proxy for time because of issues with synchronization, miner manipulation and changing block times. This can be...
Lent principal includes lender fee
Lines of code Vulnerability details Impact A community owner is able to lend funds to a project by calling the function Community.lendToProject. Lending requires the lender to pay a lenderFee, a percentage of the fee a lender has to pay to the HomeFi system. However, the current implementation...
In Community.sol, the interest calculation formula is not correct.
Lines of code Vulnerability details Impact Currently, it calculates interest using the number of days and builders would pay nearly half or less interest than they should. So lenders wouldn't get the interest as expected and it means builders can steal the interest from lenders. Proof of Concept ...
DOS on valid signatures
Lines of code Vulnerability details Impact It was observed that signature matching can fail due to incorrect updation of operatorIndex. Each loop iteration should reset operatorIndex but this is not happening causing matches to be skipped as shown in POC Proof of Concept 1. Assume...
Misleading mapping delegates
Lines of code Vulnerability details The mapping delegates in VoteEscrowDelegation can be misleading it is not updated when a delegation is removed. If someone is relying on this value not the case here, because this mapping is never used in the contracts ?, but we can assume that it has / will ha...
Fees are lost after GOLOM token supply limit has been reached
Lines of code Vulnerability details Impact When the 1 billion supply has been reached for the GOLOM token, addFee in RewardDistributor will automatically return to the start without updating any trades, however will still accept fees being sent from GolomTrader. These fees however cannot be claim...
Attacker can steal all the wrapped tokens, ether or native currency contained in the ReceiverImplementation contract
Lines of code Vulnerability details Impact Since all the functions in the ReceiverImplementation are designed to be called by DepositBase and AxelarDepositService, why not create a simple modifier to check if msg.sender equals either of the two when a delegatecall or call occurs, like so modifie...
High risk with links to code
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Tools Used Recommended Mitigation Steps
[PNM-001] PARENT_CANNOT_CONTROL can be bypassed by maliciously unwrapping parent node
Lines of code Vulnerability details Description By design, for any subdomain, as long as its PARENTCANNOTCONTROL fuse is burnt and does not expire, its parent should not be able to burn its fuses or change its owner. However, this constraint can be bypassed by a parent node maliciously unwrapping...
Incorrect implementation of RRUtils.serialNumberGte
Lines of code Vulnerability details Impact Comparing serial numbers should follow RFC1982 due to the possibility of numbers wrapping around. RRUtils.serialNumberGte tried to follow the RFC but failed to do so, leading to incorrect results in comparison. Proof of Concept For a serial number i1 to ...
Incorrect amount of Collateral moves for Auction
Lines of code Vulnerability details Impact It was observed that the debt and collateral which moves for Auction is calculated incorrectly. In case where line.proportion is set to small value, chances are art will become lower than min debt. This causes whole collateral to go for auction, which wa...
Auctions can be started for same undercollateralized vault using different Witch contracts, which causes vault collateral loss
Lines of code Vulnerability details Impact Given that there are two deployed Witch contracts, two auctioneers are calling Witch 1 and Witch 2's auction functions for the same vault at similar times. Both transactions are included in the same block for which the governances of these Witch contract...
auction.start might be zero after a new auction is created.
Lines of code Vulnerability details Impact Currently several functions consider the auction is valid when auction.start > 0 and they don't work properly when auction.start = 0. Proof of Concept In this part, auction.start = 0 when block.timestamp = 2^32 exactly. Of course, this is an edge case and...
Incorrect validation check results with always initial proportion to the liquidator.
Lines of code Vulnerability details Impact The liquidator will get the initial proportion of value irrespective of how much time has passed. Proof of Concept if (duration == type(uint32).max) in the above condition, the check needs to be made with "elapsed", not with "duration". Since it was mentioned that...
Upgraded Q -> M from 233 [1657954928095]
Judge has assessed an item in Issue 233 as Medium risk. The relevant finding follows:
Upgraded Q -> M from 163 [1657895636410]
Judge has assessed an item in Issue 163 as Medium risk. The relevant finding follows:
With most functions in VaultTracker.sol, users can call them only once after maturity has been reached.
Lines of code Vulnerability details Impact With most functions in VaultTracker.sol, users can call them only once after maturity has been reached. So from the second call of any functions after maturity, it will revert and users might lose their funds or interests. Proof of Concept The main probl...
Swivel.setFee() is implemented wrongly.
Lines of code Vulnerability details Impact Swivel.setFee is implemented wrongly. Swivel.feenominators won't be set as expected. Proof of Concept This function has a parameter "i" for the index of the new fee denomination but it isn't used during the update. Tools Used Solidity Visual Developer of...
buyoutPrice precision is lost in Buyout's start and Migration's commit
Lines of code Vulnerability details Buyout's start now determine the price for buyout with the truncation to 1% of supply. When buyout initiator brings in the big enough amount of fractional tokens current formula can yield substantial mispricing of initiator's fractional tokens value, which will...