Delegation rewards are not counted toward granting fund
Lines of code Vulnerability details Impact Each period reserves a reward for granting up to 3% GBC: Global Budget Constraint. The GBC is split into two parts: 1. 90% for proposal granting. Any proposal requesting more than 90% will revert. The total amount requested across winning proposals must...
Extraordinary Funding proposal could be susceptible back-run
Lines of code Vulnerability details Impact An extraordinary proposal can be proposed, voted on, and executed within a single transaction, in the same block. As a result, an attacker with enough voting power to meet the conditions on their own could back-run a transaction to steal funds from the...
Mitigation Confirmed for Mitigation of M-05: See comments
Mitigated issue M-05: Missing derivative limit and deposit availability checks will revert the whole stake function The issue was that stake calls deposit on each derivative without considering certain conditions under which some deposit might revert. There is an overlap between this issue and...
Mitigation of M-02: Issue perhaps NOT sufficiently mitigated
Mitigated issue M-02: sFrxEth may revert on redeeming non-zero amount The issue was that SfrxEth.withdrawamount may revert when called in unstake, blocking unstaking, if amount is low most realistically if amount == 1. Mitigation review...
Measuring the withdrawal delay in block production time won't work properly on chains where the production time is not 12 seconds
Lines of code Vulnerability details Proof of Concept For withdrawals other than beaconChainETH, the variables withdrawalDelayBlocks and MAXWITHDRAWALDELAYBLOCKS will be used to enforce a delay for withdrawals in StrategyManager.sol. Currently MAXWITHDRAWALDELAYBLOCKS is set to 50400. uint256 publ...
Staker can bypass the debt accrued via beaconChainETHSharesToDecrementOnWithdrawal by transferring shares to another address
Lines of code Vulnerability details Description When a staker is verified to have over-committed and the over-committed amount is greater than their outstanding shares, they accrue a debt that is captured by beaconChainETHSharesToDecrementOnWithdrawal. This debt eventually gets settled when the...
Integer Overflow Large numbers of strategies/deposits could overflow arrays stakerStrategyList
Lines of code Vulnerability details Impact Overflows of the staker StrategyList and StrategyShares arrays could allow an attacker to manipulate a staker's data by reusing keys. Once the arrays have wrapped around, depositing into a large number of strategies or requesting withdrawals for the same...
[H-02] Owner cannot freeze and thus cannot slash a queued withdraw that has the delegatedAddress being the 0 address.
Lines of code Vulnerability details canSlash checks to see if the block number is less than whitelistedContractDetailstoBeSlashedslashingContract, which will be 0 if a user has not delegated an address. This will revert freezeOperator and not allow an owner/watcher to freeze the address, and thus...
Staker can avoid ETH slash by front run slashQueuedWithdrawal() with completeQueuedWithdrawal()
Lines of code Vulnerability details Impact Malicious staker can avoid the service's slash on its restaked ETH shares. Proof of Concept This issue is similar to Staker can avoid ETH slash by front run slashShares with verifyOvercommittedStake, but with a different logic. When a service/middleware...
MAX_WITHDRAWAL_DELAY_BLOCKS assumes that block time is always 12 seconds
Lines of code Vulnerability details Impact Block time may change in the future which may affect the protocol's withdrawal functionality. Proof of Concept StrategyManagerStorage.sol assumes a 12-second blocks timing. If the block time changes in the future the MAXWITHDRAWALDELAYBLOCKS of one week...
Access Control Unauthorized access to restricted functions setWithdrawalDelayBlocks
Lines of code Vulnerability details Impact By exploiting the owner's role through social engineering, an attacker could theoretically gain indirect control over any functions that require owner authorization. Specifically, the ability to manipulate withdrawal delays and other critical security...
Upgraded Q -> 2 from #882 [1683052827510]
Judge has assessed an item in Issue 882 as 2 risk. The relevant finding follows: changeFeeQuote reverts for tokens with decimals less than 4
Testing Issue Type
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Tools Used Recommended Mitigation Steps testing...
Upgraded Q -> 2 from #240 [1683052133668]
Judge has assessed an item in Issue 240 as 2 risk. The relevant finding follows: LOW-11 tokenURI does not follow EIP-721 The EIP states that tokenURI "Throws if tokenId is not a valid NFT", which the code below does not do. If the NFT has not yet been minted, tokenURI should revert Proof Of Conce...
Offchain resolver can be subject to man in the middle attacks
Lines of code Vulnerability details Description Calls to the offchain resolver are produced by the code below: function resolve bytes calldata name, bytes calldata data external view returns bytes memory string memory urls = new string; urls0 = gatewayURL; revert OffchainLookup addressthis, urls,...
Upgraded Q -> 2 from #883 [1682591284215]
Judge has assessed an item in Issue 883 as 2 risk. The relevant finding follows: This could cause stake and unstake to permanently revert for a prolonged period of time, as it is possible for deposit and withdraw to revert due to unchecked external conditions: Reth The rocket pool DAO can disabl...
Timestamp manipulation affects DNSSEC records on contracts/dnssec-oracle/DNSSECImpl.sol
Lines of code Vulnerability details Impact timestamp parameter to validate DNSSEC records. The timestamp parameter is passed as an argument to the verifyRRSIG function, which is responsible for verifying that the DNSSEC record is valid at a specific point in time. If the timestamp parameter can b...
From integer Overflow to DoS attack that leads to financial losses in ModexpPrecompile.modexp function and RSAVerify library.
Lines of code Vulnerability details Impact This vulnerability to cause unexpected behavior or even a denial-of-service attack on a contract that uses the RSAVerify library on . The vulnerable code is at: Integer overflow in modexp function in ModexpPrecompile does not perform any input validation...
Test for submit findings in api
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. dfdsf Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. efsdfsf Tools Used Recommended Mitigation...
Test for emails sent from api - and manage findings
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Tools Used Recommended Mitigation Steps
Equity.sol : restructureCapTable is not using correct index in array
Lines of code Vulnerability details Impact When array of addresses are passed to restructure in the emergency situation, contract would revert due to accessing the first index always. Not able to restructure in single call during emergency. Proof of Concept function restructureCapTableaddress...
Lack of removal of minters reduces chances of survival
Lines of code Vulnerability details Impact It is reasonable to assume there will be occasions of misbehaving minters that will threaten the functioning of the Frankencoin ecosystem and there is no way to disable any such minter without redeploying the contract. Ex. an attacker can deploy a...
Minter and position privileges allow unrestricted minting and burning of arbitrary tokens
Lines of code Vulnerability details Any registered minter and a position belonging to him have absolute control of minting and burning tokens on all accounts. Impact New minting mechanisms are subject to governance approval i.e. can be veto'ed. These, however, will be arbitrary contracts with...
Allowance not updated correctly
Lines of code Vulnerability details Impact allowance doesn't get updated properly therefore an attacker contract can exploit the token contract by transferring some tokens and still spend the same amount of allowance. Here are the steps: calling approve function from ERC20.sol with the spender...
POSITION LIMIT COULD BE FULLY REDUCED TO ZERO BY CLONES
Lines of code Vulnerability details Impact A newly opened position could have its limit fully reduced to zero as soon as the cooldown period has elapsed. Proof of Concept As seen in the function below, a newly opened position with 0 Frankencoin minted could have its limit turn 0 if the function...
Use of revert Statement in requireOwner Function in Ownable Contract May Cause Unexpected Behavior
Lines of code Vulnerability details Summary: There is a potential issue with the error handling in the requireOwner function that may lead to unexpected behavior. Description: The Ownable contract provides basic access control by defining an owner address that can be granted exclusiv...
MaxContribution check can be bypassed to give a card high voting power
Lines of code Vulnerability details Proof of Concept ReraiseETHCrowdfund tries to limit the voting power of each card by doing a min/maxContribution check in claim and claimMultiple. uint96 contribution = votingPower 1e4 / exchangeRateBps; uint96 maxContribution = maxContribution; // Check that the...
Incorrect calculation of virtualBaseTokenReserves leads to incorrect pricing of NFTs
Lines of code Vulnerability details virtualBaseTokenReserves is recalculated every time a buy or sell operation is performed. The calculation is done incorrectly, so the next time a sale is made the price will be updated incorrectly. Impact buy and sell operations will be performed with incorrect...
It's not always possible for a user to claim their voting power in ReraiseETHCrowdfund
Lines of code Vulnerability details Proof of Concept When a ReraiseETHCrowdfund has finalized, a user has 2 ways to claim their voting power - claim or claimMultiple. The condition in claim is that user's total contribution is no greater than the maxContribution. uint96 contribution = votingPower...
Upgraded Q -> 2 from #245 [1681331462696]
Judge has assessed an item in Issue 245 as 2 risk. The relevant finding follows: 3. Insecure random number generation: Link : The current implementation of the drawing function uses a simple modulo operation with the seed as an argument, which can be easily predicted by attackers. I recommend usi...
Upgraded Q -> 2 from #44 [1680620528235]
Judge has assessed an item in Issue 44 as 2 risk. The relevant finding follows: Low 1 RescueTokens doesn't have checks for fee0 & fee1 tokens. Admin might accidentally withdraw fee tokens that are supposed to be for the stakers:
Attacker can take a loan offer without providing the NFT from requested collection by using function borrowerRefinance()
Lines of code Vulnerability details Impact Function borrowerRefinance allows the borrower to repay the previous loan and take a different loan offer. In the codebase, there is no check to ensure that collateral collection of previous loan and new loan offer are the same. It can be abused by an...
Reth flashloan attack
Lines of code Vulnerability details Impact Using a flashloan to manipulate rETH/ETH price a hacker can receive more SafEth shares for the same amount of ether, thus draining all three derivative contracts rETH, SfrxEth and WstEth. Proof of Concept Reth.poolPrice depends on UniswapV3 pool.slot0...
REth token price can be manipulated
Lines of code Vulnerability details Impact Currently, all deposit operations split the received ETH between derivatives. One of them is rETH, trading on Pool 0xa4e0faA58465A2D369aa21B3e42d43374c6F9613 with around 1500 ETH in liquidity for each side. The price calculation for splitting deposits in...
All the FRX_ETH tokens of SfrxEth contract can be drained by a malicious user.
Lines of code Vulnerability details Impact The impact of this finding is severe, as it can result in the complete loss of FRXETH tokens held by the SfrxEth contract. This could lead to a significant financial loss for the contract and its users. Proof of Concept For demonstration purpose, Alice i...
An attacker can manipulate the preDepositvePrice to steal from other users.
Lines of code Vulnerability details Impact The first user that stakes can manipulate the total supply of sfTokens and by doing so create a rounding error for each subsequent user. In the worst case, an attacker can steal all the funds of the next user. Proof of Concept When the first user enters...
First stake inflation attack
Lines of code Vulnerability details Impact The first staker can steal the next staked funds. Proof of Concept As the first one to stake, the attacker stakes minAmount ETH, for which minAmount or slightly less due to slippage SafEth tokens are minted. The attacker immediately unstakes the entire...
MuteBond.sol: price discount can be manipulated which undermines its purpose of reflecting demand
Lines of code Vulnerability details Impact The bondPrice in the MuteBond contract increases linearly during the epochDuration from startPrice in the beginning to maxPrice in the end. The bondPrice determines how many MUTE tokens a user receives for bonding his LP tokens. The higher the bondPrice...
Derivative Pool Issue can Lead to Loss User Funds when Unstaking
Lines of code Vulnerability details Impact In all withdraw functions of derivatives, there is no check for sending zero Ether back to the safEth contract. It is important to note that the addressmsg.sender.callvalue: 0"" function returns true even when transferring a zero value. On the other hand...
User should be able to set the slippage amount willing to pay
Lines of code Vulnerability details Impact The impact of this finding is that users may be required to pay higher transaction fees than necessary due to the absence of an adjustable slippage feature. This could discourage users from using the SafEth contract and negatively impact its adoption...
Upgraded Q -> 2 from #83 [1679850012658]
Judge has assessed an item in Issue 83 as 2 risk. The relevant finding follows: L-02 There is no way to disapprove a collateral
Upgraded Q -> 2 from #98 [1679803209669]
Judge has assessed an item in Issue 98 as 2 risk. The relevant finding follows: QA-01 PauseModifier is implemented in the KangarooVault.sol contract but isn't used due to not being a part of core functionality
Upgraded Q -> 2 from #88 [1679874664641]
Judge has assessed an item in Issue 88 as 2 risk. The relevant finding follows: L-6 Spamming deposit and withdraw queues
Short positions can be burned while holding collateral
Lines of code Vulnerability details Impact Users can permanently lose a portion of their collateral due to a malicious attacker or their own mistake. Vulnerability Details In the ShortToken contract, adjustPosition is used to handle changes to a short position's short or collateral amounts. The...
usedFunds is wrong after Liquidity.closeLong, openShort and closeShort
Lines of code Vulnerability details Impact usedFunds is wrong in LiquidityPool, and usedFunds tracks spent quote tokens. usedFunds is an important state in LiquidityPool, so the impact will be high. Proof of Concept Liquidity.closeLong and openShort don't update the state usedFunds correctly. In...
JSON context breaking in Bio.tokenURI
Lines of code Vulnerability details Impact Bio.tokenURI function returns an encoded JSON which is supposed to be parsed by a browser or another tool. The field description contains unsanitized user input and can be fully controlled by a hacker when they create an NFT via Bio.mintstring calldata...
Users can lose funds due to stuck NFT's
Lines of code Vulnerability details Impact If msg.sender is a contract could also be smart contract wallet that does not implement the onERC721Received method, in the current implementation of fuse Namespace.sol && mint Bio.sol, the tx will still be successful, and the token will be minted. In th...
Centralization privileges could cause revenue loss or DDoS
Lines of code Vulnerability details Impact DISCLAIMER: I understand that this was under known issues M-1, and I'm submitting this on another angle which is in case owner is compromised. Namespace and Tray contract allow the owner to execute some privilege actions which give flexibility but at the...
Missing totalFunds update in LiquidityPool's OpenShort(), causing LiquidityPool token holder to lose a portion of their token value
Lines of code Vulnerability details The function openShort in LiquidityPool.sol is missing an update to totalFunds, to increase LiquidityPool funds by the collected net fees. Impact As a result of the missing increment to totalFunds, the availableFunds in the LiquidityPool will be lower. This wil...
Lack of token approval reverts the overall trade
Lines of code Vulnerability details Impact Since the user has not approved the params.collateralAmount, calling the safeTransferFrom function will result in a revert due to the lack of token approval. The Exchange contract does not receive any collateralAmount. Proof of Concept...