Chainlink USD price feeds can have more than 8 decimals
Lines of code Vulnerability details Impact Collateral value is overestimated by orders of magnitude if an asset that has a Chainlink oracle USD price feed with more than 8 decimals is added. A borrower can borrow much more than allowed in an EscrowedLine Proof of Concept In Oracle.sol the USD price...
If bridge request fails users' tokens are burned with no way to recover
Lines of code Vulnerability details Impact Users' tokens are still burned at source chain with no way to recover them Proof of Concept try HolographOperatorInterfaceaddressthis.nonRevertingBridgeCallvalue: msg.value msg.sender, bridgeInRequestPayload /// @dev do nothing catch failedJobshash = true...
Fee on transfer tokens can make users receive less than they are supposed to
Lines of code Vulnerability details Impact Some tokens take a transfer fee e.g. STA, PAXG. Tokens like these will be supported because the vested amount will be the amount that was actually transferred i.e. the balance of the contract after the transfer, but it will cause the user to receive less...
Can overflow linear vest calculation and lock up funds
Lines of code Vulnerability details Impact If a Claim object for a user has a large enough vesting time and/or linear vesting amount, then that object can get into a state such that the calculations in baseVestedAmount overflow. If the baseVestedAmount calculations overflow, then the associated...
Invalid Use of BODMAS in TokenDistributor.sol and PartyGovernanceNFT.sol
Lines of code Vulnerability details Invalid Use of BODMAS in TokenDistributor.sol and PartyGovernanceNFT.sol In contract TokenDistributor.sol we are initializing the value of uint128 fee using a mathematical expression but in a wrong manner: the brackets are missing, which will clear out the instance of usi...
Only part of keccak256() is used as hash, making it susceptible to collision attacks
Lines of code Vulnerability details At 2 places in the code only part of the output of keccak256 is used as the hash: At TokenDistributor - DistributionState.distributionHash15 - uses only a 15 bytes as a hash This one is intended to save storage At Crowdfund.governanceOptsHash a 16 bytes is used...
Tokens with fee on transfer are not supported
Lines of code Vulnerability details Impact There are ERC20 tokens that charge a fee for every transfer or transferFrom. If these tokens are unsupported, ensure there is proper documentation about it. Proof of Concept 6 instances in 2 files: contracts/shutdown/fuse/RariMerkleRedeemer.sol...
DoS with block gas limit--External calls inside a loop might lead to a denial-of-service attack.
Lines of code Vulnerability details Impact --Check: calls-loop --Severity: Medium --Confidence: Medium External calls can fail accidentally or deliberately, which can cause a DoS condition in the contract. Proof of Concept -- --ConsenSys Smart Contract Best Practices -- -- Tools Used...
Rescue ETH at InfinityStaker.sol is incorrectly implemented
Lines of code Vulnerability details Impact Admins are unable to recover any ETH locked in the contract PoC The function rescueETHInfinityStaker.sol is incorrectly implemented. It is using msg.value instead of the balance of the contract /// @dev Admin function to rescue any ETH accidentally sent ...
Malicious Relayer Can Replay Execute Calldata On Different Chains Causing Double-Spend Issue
Lines of code Vulnerability details Proof-of-Concept This issue is only applicable for fast-transfer. Slow transfer would not have this issue because of the built-in fraud-proof mechanism in Nomad. First, the attacker will attempt to use Connext to send 1000 USDC from Ethereum domain to Optimism...
Swap routes are hardcoded for pools that do not exist yet.
Lines of code Vulnerability details Impact The route for swapping auraBAL to AURA is hardcoded and does not allow any flexibility. Proof of Concept The route for this swap is hardcoded to auraBAL - BAL/ETH BPT - WETH - AURA, with specific pool IDs. This seems to be done for the sake of simplicity...
Can overfill orders
Lines of code Vulnerability details Impact There's a bug in the partial order filling that allows an attacker to overfill any order fill more than the total size of the order. This bug happens because the fractions are stored as uint120s in orderStatus but intermediate computations to scale the...
VotingEscrow's merge and withdraw aren't available for approved users
Lines of code Vulnerability details Users who are approved, but do not own a particular NFT, are supposed to be eligible to call merge and withdraw from the NFT. Currently burn, used by merge and withdraw to remove the NFT from the system, will revert unless the sender is the owner of NFT as the...
ALMOST DEPRECATED TRANSFER() IS USED TO WITHDRAW ETHER
Lines of code Vulnerability details Impact transfer function can cause withdrawal to fail Proof of Concept function withdraw address assetAddress, address to, uint256 amount public LibDiamond.enforceIsContractOwner; address sendTo = to == address0 ? msg.sender : to; uint256 assetBalance; if...
Missing Signature Verification Leads To Critical Parameter Changes
Lines of code Vulnerability details Impact During the code review, It has been observed that, signature verification is commented out in the protocol. Without off-chain signature verification, an attacker is able to edit parameters in the protocol Proof of Concept 1. Navigate to the following...
Improper Validation Of Chainlink's latestRoundData() Function
Lines of code Vulnerability details Impact The calls to the latestRoundData function do not validate the output of the Chainlink oracle query. As a result, it is possible to use stale results when returning the TWAP price. latestRoundData is able to ensure the round is complete and has returned a...
ConvexStakingWrapper does not update rewards state before transferring tokens
Handle kenzo Vulnerability details ConvexStakingWrapper saves data for reward calculation in dedicated variables for each user, such as reward.rewardintegralforaccount. These variables are not updated when transferring wrapped staked tokens. Please note that Convex's original ConvexStakingWrapper...
MATIC/AVAX and AVAX/MATIC pools
Handle 0x0x0x Vulnerability details The MATIC/AVAX and AVAX/MATIC pools are close to being undercollateralized. Don't fall for the high APR psyops, always check the collateralization before lending into a pool, otherwise borrowers will default and you will lose your asset
vulnerability
Handle 0v3rf10w Vulnerability details In technical terms, Timeswap is an automated protocol based on the use of liquidity pools and implemented on the Ethereum blockchain. Users create liquidity pools with the participation of smart contracts. One pool is one marketplace providing exchange in a...
User can bypass Recovery Mode via UniswapHandler to buy Malt
Handle gzeon Vulnerability details Impact One of the innovative features of Malt is to block buying while under peg. The buy block can be bypassed by swapping to the whitelisted UniswapHandler, and then extracting the token by abusing the add and remove liquidity functions. This is considered a high...
swapExactTokensForTokens in is used with amountOutMin = 0
Handle 0x0x0x Vulnerability details Impact In UniswapHandler.sol two important functions sellMalt and buyMalt use swapExactTokensForTokens with amountOutMin = 0. This is a big problem since miners can exploit this intensively. So miners can strongly manipulate the price, since they can order the...
Fee boundaries are not validated
Handle pauliax Vulnerability details Impact OverlayV1Mothership has declared variables named MINFEE and MAXFEE, or MINMARGINMAINTENANCE and MAXMARGINMAINTENANCE, however, none of these variables are used anywhere, e.g. I expected to see a fee validated with these min/max boundaries, but now...
TWAPOracle might register with wrong token order
Handle cmichel Vulnerability details The TWAPOracle.registerPair function takes in a factory and token0, token1. The function accepts a factory argument which means any Uniswap-like factory can be used. When using the actual Uniswap factory's IUniswapV2Factoryfactory.getPairtoken0, token1 call, i...
If newRatio can differ drastically from the old ibRatio attacks could take place
Handle tensors Vulnerability details Impact Consider L91 in Auction.sol. I'm not sure what the logic for updating the ibRatio in this case is. If the newRatio is larger/smaller than the old ibRatio then a user can mint/burn tokens in the basket contract, update the ratio, then burn/mint the...
Lack of return value check or use of SafeERC20 wrappers for token transfers
Handle 0xRajeev Vulnerability details Impact ERC20 tokens are specified to return a boolean value on token transfer and transferFrom. However, tokens may not adhere to the spec and return no value for success/failure. Checking the return values of ERC20 token transfers is therefore important to...
Lack of nonreentrant modifier or CEI pattern may lead to reentrancy
Handle 0xRajeev Vulnerability details Impact The Trader contract makes an external call to the market contract TracerPerpetualSwaps as part of executeTrade. The comments in code "// todo this could be succeptible to re-entrancy as // market is never verified” indicate that there could be a residu...
Decision-making in the DAO is too slow, which results in the DAO not being able to use the CANCELLER_ROLE properly
Lines of code Vulnerability details Impact The time that it takes the DAO to vote on a proposal is too long for the DAO to be a proper address to cancel scheduled operations. That is why no scheduled operation will ever be cancelled and potentially malicious operations from security exploits will be...
Ether will get stuck in ERC20TokenEmitter
Lines of code Vulnerability details ERC20TokenEmitter.sol:buyToken distributes the funds sent to purchase the tokens in the following way: 2.5% of the funds are sent to the RevolutionProtocolRewards contract. From the remaining funds, a percentage dependent on the creatorRateBps variable is sent ...
Users receive fewer tokens due to inaccuracy in calculation
Lines of code Vulnerability details Impact There is a loss of precision in the VRGDAC.yToX function, because in several places division occurs first, and then the result is multiplied. This results in users receiving fewer tokens. According to test data, the difference can be 8 digits. The choice...
Signature Malleability in CultureIndex::_verifyVoteSignature function
Lines of code Vulnerability details Impact The elliptic curve used in Ethereum for signatures is symmetrical, hence for every v,r,s there exists another v,r,s that returns the same valid result. Therefore two valid signatures exist which allows attackers to compute a valid signature without knowi...
Liquidation condition should not factor the liquidation reward into the premiums
Lines of code Vulnerability details Summary The premiums used to determine the liquidation condition have the liquidation reward already discounted, potentially causing a lien to be considered underwater while technically it is not. Impact Positions in Particle LAMM can be liquidated if the owed...
The entire AuctionHouse contract can be disabled by a wrong creator bps sum.
Lines of code Vulnerability details Vulnerability details Description There is a potential for a DoS in the AuctionHouse contract related to the buyToken call from the ERC20TokenEmitter. This is due to the buyToken requiring the bpsSum to be equal to 10000, but there is no restriction when creati...
Using block.timestamp as the deadline/expiry invites MEV
Lines of code 307 Vulnerability details Passing block.timestamp as the expiry/deadline of an operation does not mean "require immediate execution" - it means "whatever block this transaction appears in, I'm comfortable with that block's timestamp". Providing this value means that a malicious mine...
Reentrancy in mint function leads to various problems
Lines of code Mint function in minter contract: Mint function in core contract: Vulnerability details Bug Description When minting NFTs, users will use the mint function. This function will mint an NFT using the safeMint function. The problem is that this mint will be done before crucial variabl...
Biased rsETH price calculation in depositAsset results in lesser rsETH minted to user
Lines of code Vulnerability details Impact The LRTDepositPool acts as a simplified vault allowing restakers to transfer their liquid staked tokens and receive rsETH tokens based on the current rsETH exchange rate. rsETH are minted to user by interacting with depositAsset function of LRTDepositPoo...
stETH/ETH, rETH/ETH and cbETH/ETH Chainlink oracles have too long a heartbeat and deviation threshold, which can cause loss of funds
Lines of code Vulnerability details ChainlinkPriceOracle fetches prices from the Chainlink contracts. But the price feeds in the consideration has a very long price heartbeat and deviation rate which might lead to wrong price calculation and loss of token to the user. Impact According to the...
Send Ether will call instead of transfer
Lines of code Vulnerability details Impact transfer automatically forwards exactly 2300 gas to the receiving contract. This limitation can restrict smart contract's ability to interact with other contracts that require more gas for their operations like receiving eth, leading to failed transactio...
Stakers can withdraw reward without waiting for the vesting period
Lines of code Vulnerability details Impact stakers can frontrun a reward giving transaction by monitoring the mempool for the function transferInRewards, and stake before it, and then unstake after to get rewards, if the cooldown is off. Proof of Concept imagine a scenario where the cooldown peri...
Bad actor can block the operation of mint by creating a duplicate order by front-running the original order
Lines of code Vulnerability details Impact Bad actor can block the operation of mint by creating a duplicate order by front-running the original order. So basically the contracts are processing orders by users (RFQ to the system, whether by API or front end) and making the mint happen; the problem is in the contract...
ExecutorPlugin missing payable when execute the transaction
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept executeTransaction in ExecutorPlugin is meant to execute transaction but in executeTxnAsModule function executeTxnAsModuleaddress account, Types.Executable memory executable internal...
Executor can effectively bypass _checkSubAccountSecurityConfig by adding a new Module
Lines of code Vulnerability details Impact An Executor is an account authorized to perform module execution on a subAccount through the ExecutorPlugin. Gnosis Safe Modules manage to bypass the entire guard logic Safe 1.5 has that new guard hook, but there's also no hook logic done in Brahma. For...
AfEth price calculation doesn't factor locked tokens held in contract balance
Lines of code Vulnerability details Summary When withdrawals are enqueued in AfEth, the implementation will remove the tokens from the caller and lock these in the contract until the withdrawal is made effective. These tokens still count in the supply, and must not be considered during price...
Leaky faucet
Lines of code Vulnerability details Impact Leaking is bad. Proof of Concept Turn off faucet, it leaks! Tools Used Hands Recommended Mitigation Steps Teflon tape. Assessed type Other
An attacker can drain all the tokens from UserEscrow contract.
Lines of code Vulnerability details Impact A user who is allowed to invest can maliciously drain all the tokens from the UserEscrow contract via decreaseDepositRequest and decreaseRedeemRequest of the LiquidityPool.sol contract. Both functions first send to the router and when the call is...
"Divide-by-Zero Risk in convertToShares Function"
Lines of code Vulnerability details Description The convertToShares function calculates the number of shares based on the provided assets and the "latestPrice" obtained from the liquidityPool. While the code may appear straightforward, there is a specific security concern related to divide-by-zer...
Token recipient is an inaccessible address for contracts
Lines of code Vulnerability details Impact The msg.sender address from the SourceBridge.burnAndCallAxelar function is used by the DestinationBridge.mintIfThresholdMet function as the TOKEN recipient. However, the msg.sender address will not be controllable by contracts on L2, so any tokens will b...
Number of prize tiers may never scale due to aggressive new algorithm
Lines of code Vulnerability details Comments This issue is very similar to M-14 but covers another edge case where the threshold check is not performed when there are currently 14 prize tiers and at least 1 canary tier is claimed. This is due to an early return of MAXIMUMNUMBEROFTIERS. Mitigation...
check for the reentrancy attack is missed in the claim function
Lines of code Vulnerability details Impact The function claim in LendingLedger.sol will send native token $CANTO to the msg.sender by .call, which can be an EOA or a contract; because there aren't any RA checks, the caller can make a double call at the same time to get himself more token rewards th...
swapExactTokensForTokens and swapTokensForExactTokens in OptionsPositionManager.sol uses UniswapV2Router01 which doesn't exist on Arbitrum
Lines of code Vulnerability details Impact The functions swapExactTokensForTokens and swapTokensForExactTokens are using UniswapV2Router01 to make swaps in different functions like closeDebt, withdrawOptionAssets or swapTokens, but that would not be possible and those functions would revert. Proof...
executeOperation() doesn't pass/authenticate the initiator address
Lines of code Vulnerability details Impact In OptionsPositionManager.sol executeFlashloan. File: contracts/PositionManager/OptionsPositionManager.sol function executeOperation address calldata assets, uint256 calldata amounts, uint256 calldata premiums, address initiator, bytes calldata params...