[WP-H13] LockPosition can be overwritten by new lockFor() which leads to user's funds loss

Lines of code Vulnerability details function lockFor address account, uint256 nftIndex, uint256 lockAmount external onlyOwner nonReentrant jpeg.safeTransferFromaccount, addressthis, lockAmount; positionsnftIndex = LockPosition owner: account, unlockAt: block.timestamp + lockTime, lockAmount:...

[WP-H22] Bad debts should not continue to accrue interest

Lines of code Vulnerability details uint256 debtAmount = getDebtAmountnftIndex; require debtAmount = getLiquidationLimitnftIndex, "positionnotliquidatable" ; // burn all payment stablecoin.burnFrommsg.sender, debtAmount; In the current design/implementation, the liquidator must fully repay the...

Usage of deprecated Chainlink functions

Lines of code Vulnerability details Impact The Chainlink function latestAnswer is deprecated. Instead, use latestRoundData. As seen in the changelog, Chainlink encourages people to use the latestRoundData function. It's not clear when the support for deprecated functions ends. Here's the same iss...

Initial yVault deposit with amount=1 wei causes very expensive share price leading to precision errors and loss of funds

Lines of code Vulnerability details Impact The first depositor into yVault is able to maliciously manipulate the share price by depositing the lowest possible amount 1 wei and then artificially blowing up the yVault token balance. Following depositors will loose their deposited funds due to...

Use of deprecated Chainlink API

Lines of code Vulnerability details Impact The contract uses Chainlink’s deprecated API latestAnswer. Such functions might suddenly stop working if Chainlink stopped supporting deprecated APIs. Impact: Deprecated API stops working. Prices cannot be obtained. Protocol stops and contracts have to b...

Uncontrolled usage of Chainlink API for core price retrieval

Lines of code Vulnerability details Impact Chainlink's latestAnswer usage can yield stale price information, which is crucial for borrowing and liquidation. latestAnswer is having less ways to be controlled compared to latestRoundData, which is advised for price sensitive operations. Staling pric...

setDebtInterestApr() doesn't accrue interest before changing it

Lines of code Vulnerability details Impact Wrong interest can be charged if interest is changed without calling accrue Proof of Concept The function setDebtInterestApr updates the interest charged on debt without calling accrue before to compute previous interests. If someone takes debt at 2% and...

Update initializer modifier to prevent reentrancy during initialization

Lines of code Vulnerability details Impact The solution uses: "@openzeppelin/contracts": "^4.0.0", "@openzeppelin/contracts-upgradeable": "^4.3.2", These dependencies have a known high severity vulnerability: Which makes these contracts vulnerable: contracts/helpers/CryptoPunksHelper.sol: 19:...

Controller: Strategy migration will fail

Lines of code Vulnerability details Details The controller calls the withdraw method to withdraw JPEGs from the contract, but the strategy might blacklist the JPEG asset, which is what the PUSDConvex strategy has done. The migration would therefore revert. Proof of Concept Insert this test into...

Can steal yVault deposits due to bad initial shares calculation

Lines of code Vulnerability details Impact The yVault.deposit function mints initial shares equal to the deposited amount. The deposit / withdraw functions also use the balance, which includes the contract balance token.balanceOfaddressthis, to compute the shares. It's possible to increase the...

Tokens will be forever burned if contract call never success. Moreover, it may not retriable after OLD_KEY_RETENTION + 1 epochs has passed.

Lines of code Vulnerability details Impact Tokens will be forever burned if contract call never success. Moreover, it may not retriable after OLDKEYRETENTION + 1 epochs has passed. Just setting commandExecuted flag to false is not sufficient. As contract call never success, it will never got...

When an attacker lends to a loan, the attacker can trigger DoS that any lenders can not buyout it

Lines of code Vulnerability details Impact If an attacker lender lends to a loan, the attacker can always revert transactions when any lenders try to buyout, making anyone can not buyout the loan of the attacker. Proof of Concept 1. A victim calls lend, trying to buyout the loan of the attacker. ...

NonCustodialPSM.mint ignores mint buffer reduced amount, mostly disabling mint rate control

Lines of code Vulnerability details Impact VOLT minting rate control doesn't happen when RateLimited's doPartialAction is true as NonCustodialPSM doesn't use the returned amount value, minting the full amount even when it was reduced by current mint buffer size limitation. There are two issues wi...

Tokens with fee on transfer are not supported

Lines of code Vulnerability details There are ERC20 tokens that charge fee for every transfer / transferFrom. Vault.soladdValue assumes that the received amount is the same as the transfer amount, and uses it to calculate attributions, balance amounts, etc. But, the actual transferred amount can ...

Faulty logic at _setBufferCap() function

Lines of code Vulnerability details Impact setBufferCap function sets the bufferCap. It first calls the updateBufferStored function which updates the bufferStored variable. However, calculation of bufferStored depends on bufferCap value: Math.minbufferStored + rateLimitPerSecond elapsed, bufferCa...

Inconsistent use of oracle

Lines of code Vulnerability details Impact Throughout the protocol, oracles are relied upon to keep Volt stable, calculate payouts to users, and judge whether actions are eligible to be carried out. On the NonCustodialPSM contract, oracle is updated with the updateOracle function. However, there ...

Users Can Bypass Emergency Restrictions on updateUserRewardState()

Lines of code Vulnerability details Impact The emergencyWithdraw function intends to withdraw their tokens regardless if they are locked up for any duration. This emergency must be triggered by the owner of the contract by calling triggerEmergencyWithdraw. A number of functions will revert when t...

User withdrawal can be stuck

Lines of code Vulnerability details Impact Any transfer will lead to updation of cooldown period for the recipient. This can become a problem if recipient wished to withdraw some amount using unstake. Proof of Concept 1. User A wished to withdraw amount 100 2. User A is pending 1 more day where...

admin can rug

Lines of code Vulnerability details In the function transferToken, the admin can steal all the money. --- The text was updated successfully, but these errors were encountered: All reactions...

Past state query results are susceptible to manipulation due to multiple states with same block number

Lines of code https://github.com/code-423n4/2022-0...

Function cooldown() is not protected when protocol in emergency mode

Lines of code Vulnerability details Function cooldown is not protected when protocol is in emergency mode. Its behavior is not consistent with the other major functions defined. Impact While other major functions like stake, unstake, lock, unlock, etc., of this contract is protected by checking f...

A large platformFee (>10000), would cause underflow during sendToSplitter (at RoyaltyVault.sol)

Lines of code Vulnerability details Impact at RoyaltyVault.sol Presently platformFee, does not have a upper limit and can be set to any value through setPlatformFee function. If the value is set beyond 10,000 it would cause an underflow during split share calculation at sendToSplitter function...

Duplicate NFTs Can Be Minted if payableToken Has a Callback Attached to it

Lines of code Vulnerability details Impact The mintToken function is called to mint unique tokens from an ERC721 collection. This function will either require users to provide a merkle proof to claim an airdropped token or pay a fee in the form of a payableToken. However, because the payableToken...

createProject can be frontrun

Lines of code Vulnerability details Impact This is dangerous in scam senario because the malicious user can frontrun and become the owner of the collection. As owner, one can withdraw paymentToken. note that collections.isForSale can be change by frontrunner Proof of Concept 1. Anyone can call...

Use safeTransfer

Lines of code Vulnerability details Impact The return value of the transfer is not checked. You already imported SafeERC20 into this contract, so you can use it to resolve this issue. Proof of Concept Tools Used manual code review Recommended Mitigation Steps IERC20borrowAsset.safeTransferto, fee...

LenderPool: Principal withdrawable is incorrectly calculated if start() is invoked with non-zero start fee

Lines of code Vulnerability details Details & Impact The principalWithdrawable calculated will be more than expected if start is invoked with a non-zero start fee, because the borrow limit is reduced by the fee, resulting in totalSupplyid not being 1:1 with the borrow limit. function...

PooledCreditLine: termination likely fails because _principleWithdrawable is treated as shares

Lines of code Vulnerability details Details & Impact principalWithdrawable is denominated in the borrowAsset, but subsequently treats it as the share amount to be withdrawn. // notBorrowed = borrowAsset amount that isn't borrowed // totalSupplyid = ERC1155 total supply of id // borrowedTokens =...

[WP-H9] LenderPool.sol#start() startFeeFraction can be used by a malicious/compromised owner to rug lenders

Lines of code Vulnerability details A configurable startFeeFraction with no upper bound can be claimed by the caller to a specified address. The fee is not based on the gas cost, but on the totalLent of the pool. We believe this startFee reward is unnecessary and it creates a potential rug vector...

LenderPool.terminate mix calculation between shares and tokens, resulting in incorrect amount of shares to be withdrawn from savings account

Lines of code Vulnerability details Impact While calculating the amount of shares to withdraw in LenderPool.terminate, principalWithdrawable which is amount of tokens is added to totalInterestInShares, and then passed to SAVINGSACCOUNT.withdrawShares. If tokens : shares are not 1 : 1, which is th...

use of transfer() instead of call() to send eth

Lines of code Vulnerability details Impact Use of transfer might render ETH impossible to withdraw becuase after istanbul hardfork , there is increases in the gas cost of the SLOAD operation and therefore breaks some existing smart contracts.Those contracts will break because their fallback...

admin can rug

Lines of code Vulnerability details admin can steal all user funds --- The text was updated successfully, but these errors were encountered: All reactions...

Fixed Amount of Gas Sent in Call May Be Insufficient

Lines of code Vulnerability details Impact The function attemptETHTransfer makes a call with a fixed amount of gas, 30,000. If the receiver is a contract this may be insufficient to process the receive function. As a result the user would be unable to receive funds from this function. Proof of...

onlyOwner modifier missing

Lines of code Vulnerability details Impact Function is missing onlyOwner modifier meaning any user could register without need to be an owner Proof of Concept registerSelf function is missing the onlyOwner modifier. Recommended Mitigation Steps Change definition to function registerSelf...

[WP-H7] Infinite approval to an arbitrary address can be used to steal all the funds from the contract

Lines of code Vulnerability details function startBridgeAnyswapData memory anyswapData internal // Check chain id requireblock.chainid != anyswapData.toChainId, "Cannot bridge to the same network."; address underlyingToken = IAnyswapTokenanyswapData.token.underlying; if underlyingToken ==...

If contract holds balance of any ERC20 token, any user can take it

Lines of code Vulnerability details Impact If the LiFiDiamond contract ends up holding any ERC20 token, any user is able to perform a swap from the held asset to another asset, and the swap will use the contracts' funds as input instead of their own. The result is that a user can take all of the...

Mint spread collateral-less and conjuring collateral claims out of thin air with implicit arithmetic rounding and flawed int to uint conversion

Lines of code Vulnerability details Impact This report presents 2 different incorrect behaviour that can affect the correctness of math calculations 1. Unattended Implicit rounding in QuantMath.sol div and mul 2. Inappropriate method of casting integer to unsigned integer in SignedConverter.sol...

Option create can be denied

Lines of code Vulnerability details Proof of Concept A griefer can frontrun the createOption from a user and user's tx will revert. This line will revert because of this Recommended Mitigation Steps One gas efficient way to prevent this is to mix msg.sender into salt. --- The text was updated...

Inflate collateral token and partial bypass minting fee by directly transferring to _strategyController

Lines of code Vulnerability details Impact This bug enables partial bypass of fee while minting Collateral tokens through Collateral.deposit. Attackers can also utilize this bug to inflate prices of Collateral tokens, creating "unfair advantages" for early minters of Collateral tokens. Proof of...

Manipulating PreCT Mint Logic with Direct Base Token Transfer

Lines of code Vulnerability details Impact A bad actor can steal funds from future depositors by sending the base token directly to the Strategy or StrategyController contracts. This exploit is more effective the less shares that have already been distributed, perhaps early into the launch of the...

[WP-H14] LiquidityProviders.sol The share price of the LP can be manipulated and making future liquidityProviders unable to removeLiquidity()

Lines of code Vulnerability details function removeLiquidityuint256 nftId, uint256 amount external nonReentrant onlyValidLpTokennftId, msgSender whenNotPaused address tokenAddress, uint256 nftSuppliedLiquidity, uint256 totalNFTShares = lpToken.tokenMetadatanftId;...

A supported token can be unsupported and liquidity provider won't be able to withdraw their funds

Lines of code Vulnerability details Impact Liquidity provider will be unable to withdraw tokens that were previously supported Proof of Concept In liquidityProviders.sol users can provide liquidity only in supported tokens. This is checked when the user provides liquidity and checked again when h...

FUNCTION SETBASEGAS LACKS BOUNDS CHECK AND EVENT EMIT AFFECTS TRANSFER

Lines of code Vulnerability details Impact Executors can, unintentionally, send a huge amount of ETH Proof of Concept The function setBaseGasuint128 gasLiquidityPool.sol should have bounds like MAXBASEGAS. Even worse this function lacks of event emit. As a result, executors can call sendFundsToUs...

[WP-H8] Wrong formula for the fee to be added to the incentivePool

Lines of code Vulnerability details The protocol takes part of the fees to incentivize liquidity, which is recorded as incentivePooltokenAddress on LiquidityPool.sol. However, the formula used to calculate the updated amount of incentivePooltokenAddress in the current implementation is wrong...

Reward and base token decimals difference isn't accounted for in LiquidityFarming

Lines of code Vulnerability details Impact Reward and base token decimals can differ, while this difference isn't accounted for in the reward amount calculations, which will lead to either missing rewards or sending the whole rewards balance to the first eligible user. For example: If reward is...

Executors can steal funds meant to be sent to users

Lines of code Vulnerability details Impact The executor can provide any value it wants as the tokenGasPrice when it calls sendFundsToUser since it is not included in the hash checks. The executor can set the value to be exactly the number that will take all of the funds the user is requesting...

DDOS - csanuragjain

Duplicate of 119 --- The text was updated successfully, but these errors were encountered: All reactions...

Too many amms - omik

Duplicate of 97 --- The text was updated successfully, but these errors were encountered: All reactions...

Staking tokens can be stolen

Lines of code Vulnerability details Impact The staking contract keeps track of shares of each user. When withdrawing from the staking contract the amount parameter is converted to shares and this value is decreased shares = amount / totalbalance totalshare. This shares calculation rounds down whi...

Not compatible with Rebasing/Deflationary/Inflationary tokens

Lines of code Vulnerability details Proof of Concept The DepositBoxERC20 contract do not appear to support rebasing/deflationary/inflationary tokens whose balance changes during transfers or over time. The necessary checks include at least verifying the amount of tokens transferred to contracts...

Private sale replay attack

Lines of code Vulnerability details Impact The private sale signature used in buyFromPrivateSaleFor does not prevent replay attacks. If the NFT ends up in the original seller's wallet again within the deadline it can be purchased from them again. POC S sells to B using a private sale. S creates a...