DefaultAccount will add system call flag to any call with msg.value
Lines of code Vulnerability details Impact As mentioned in the repo's README.md documentation: isSystem flag. Whether the call intends a system contracts' function. While most of the system contracts' functions are relatively harmless, accessing some with calldata only may break the invariants of...
User transactions can call system contracts directly
Lines of code Vulnerability details Impact User transactions can call system contracts directly, which shouldn't be allowed, so as not to invoke potentially dangerous operations. Proof of Concept DefaultAccount.executeTransaction executes a user transaction after it has been validated. The function calls...
Loss of funds when msg.value > 2**128
Lines of code Vulnerability details Impact When a user tries to transfer an amount of ether above 2^128, an invariant is broken: instead of reverting the transaction, the affected code just returns. Proof of Concept The following is the affected code, where it returns instead of reverting. if value != 0...
L2EthToken.sol balance[address(this)] COULD UNDERFLOW
Lines of code Vulnerability details Impact The ethereum balance of the L2EthToken.sol contract can underflow thus breaking the accounting of the protocol for L2-L1 fund transfers. Proof of Concept L2EthToken.sol contract has the withdraw function to transfer funds to L1 for withdrawal. In the...
_l1Receiver may lose the token amount
Lines of code Vulnerability details Impact _l1Receiver loses the token amount Proof of Concept function withdraw(address _l1Receiver) external payable override { uint256 amount = msg.value; // Silent burning of the ether unchecked { balance[address(this)] -= amount; totalSupply -= amount; } // Send the L2 log, ...
getBlockHashEVM() function vulnerability leads to DoS attack
Lines of code Vulnerability details Impact By using the getBlockHashEVM function with erroneous input, an attacker can take advantage of this vulnerability to deprive the contract of gas and launch a denial of service DoS attack against the network, contracts and valid transactions will therefore...
ZERO TRUNCATION COULD LEAD TO UNEXPECTED RESULTS
Lines of code Vulnerability details Impact A precision issue leading to zero truncation, due to the numerator being smaller than the denominator in a ratio or a division, happens readily in Solidity if extra care has not been given to it. Arithmetic operations running into this incident are typically associated...
User can claim higher rewards than he is eligible for
Lines of code Vulnerability details Impact User will receive more rewards than he should; the calculation of rewards for a user can continue even after withdrawal. Proof of Concept When a user claims rewards, lastRewardTime will be set to block.timestamp; now consider a scenario that user...
Unclaimed rewards will be stuck and unrecoverable
Lines of code Vulnerability details Impact The vulnerability lies in: unchecked { uint256 share = points * PRECISION / pool.totalPoints * totalReward; uint256 daoShare = share * pool.daoTax / (100 * DIVISOR); share /= PRECISION; daoShare /= PRECISION; return (share - daoShare, daoShare); } The problem is that ...
User can cause the points of their LP stake position to underflow
Lines of code Vulnerability details Impact This vulnerability allows a user to cause their LP position points to underflow which will then allow a user to receive a massively disproportionate amount of the emission rewards relative to their stake because they now practically have an infinite amou...
BYTES2.getReward: no check for input
Lines of code Vulnerability details Impact The function getReward should validate that to is not the zero address 0x0, to prevent accidental loss of BYTES. Impact: reward BYTES minted to address(0) will be lost. Proof of Concept function getReward(address to) external { (uint256 reward, uint256 daoCommisio...
configureLP function should check LP stakers present before changing LP address.
Lines of code Vulnerability details configureLP function should check LP stakers existence before changing LP address. Permitted users are allowed to change LP address when lpLocked is false. So this does not follow the comments above. Proof of concept 1701 This function allows a permitted user t...
Incorrect validation of the result of the transfer / transferFrom method call. Failure to comply with the ERC20 standard
Lines of code Vulnerability details Impact Inability to use ERC20 standard tokens. As an example of the future LP token Proof of Concept According to the ERC-20 standard, the transfer and transferFrom methods return true or false, but looking at the code we see that:...
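The return-value handling discussed in the entry above, as an added example that is not code from the audited project: a minimal SafeERC20-style helper that treats a revert, a returned `false`, and a call to an address without code as failures while still accepting tokens that return nothing, shown next to the vulnerable pattern that drops the bool. The `IERC20` interface, the escrow contracts and their names are assumptions for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Added example, not code from any audited repository.
interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

library SafeTransfer {
    error TransferFailed(address token);

    function safeTransfer(IERC20 token, address to, uint256 amount) internal {
        _call(token, abi.encodeCall(IERC20.transfer, (to, amount)));
    }

    function safeTransferFrom(IERC20 token, address from, address to, uint256 amount) internal {
        _call(token, abi.encodeCall(IERC20.transferFrom, (from, to, amount)));
    }

    function _call(IERC20 token, bytes memory data) private {
        // A call to an EOA "succeeds" with empty returndata, so require code first.
        if (address(token).code.length == 0) revert TransferFailed(address(token));
        (bool ok, bytes memory ret) = address(token).call(data);
        // !ok: the token reverted. Non-empty returndata decoding to false: the
        // token signalled failure without reverting (the case the finding is about).
        // Empty returndata with ok == true: a non-standard token that returns nothing.
        if (!ok || (ret.length != 0 && !abi.decode(ret, (bool)))) {
            revert TransferFailed(address(token));
        }
    }
}

// Vulnerable pattern: the bool is silently dropped, so a token that returns
// false instead of reverting lets the caller be credited without paying.
contract VulnerableEscrow {
    IERC20 public immutable lpToken;
    mapping(address => uint256) public staked;

    constructor(IERC20 token) { lpToken = token; }

    function deposit(uint256 amount) external {
        lpToken.transferFrom(msg.sender, address(this), amount); // return value ignored
        staked[msg.sender] += amount;
    }
}

contract HardenedEscrow {
    using SafeTransfer for IERC20;

    IERC20 public immutable lpToken;
    mapping(address => uint256) public staked;

    constructor(IERC20 token) { lpToken = token; }

    function deposit(uint256 amount) external {
        lpToken.safeTransferFrom(msg.sender, address(this), amount);
        staked[msg.sender] += amount;
    }

    function withdraw(uint256 amount) external {
        staked[msg.sender] -= amount; // checked arithmetic: reverts on underflow
        lpToken.safeTransfer(msg.sender, amount);
    }
}
```

The `code.length` check matters in the same way as the return-value check: without it, a misconfigured token address that is not a contract would make every deposit "succeed" while moving nothing.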
Huge over-calculation of user rewards
Lines of code Vulnerability details Impact Huge over-calculation of user rewards: when a user claims rewards for the first time, rewards are over-calculated. Proof of Concept The getPoolReward function uses the formula uint256 timeSinceReward = block.timestamp - lastRewardTime to calculate the period of time that...
Use the _assetTransferFrom function instead of _assetTransfer. This is because the tokens are held in the escrow contract, rather than being in the destination BYTES address, and thus require a transfer from the escrow contract to the recipient's address
Lines of code Vulnerability details Impact The msg.sender loses his stakedBytes. From the BYTES address it is not possible to send stakedBytes to msg.sender; the stakedBytes are only held in the escrow contract, not at the BYTES address. Proof of Concept function _assetTransfer(address asset, address to, uint256 amount...
User Rewards will be lost in case of Withdraw
Lines of code Vulnerability details Impact User loses his unclaimed rewards: if a user withdraws all of his staked tokens he won't be able to claim rewards. Proof of Concept The point is used to calculate user rewards, and when a user withdraws all of their staked tokens the point will be set to zero and...
upgradeBytes() function doesn't allow users to upgrade their entire bytes1 token balance to bytes2 tokens
Lines of code Vulnerability details Impact Users can't upgrade all of their bytes1 tokens to bytes due to a logic error in the upgradeBytes function. A user can only upgrade tokens if he chooses a smaller amount than what he already has; he cannot upgrade all tokens. Proof of Concept The...
Ability to receive LP rewards without having any LP staked
Lines of code Vulnerability details Impact The impact of this is high as a user is able to first stake LP tokens, then craftily withdraw them in specific increments without any change to their staking rewards. The user is able to get to a state in which they have 0 LP tokens staked, but have 0 LP...
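The four reward-accounting entries above (rewards continuing after withdrawal, over-calculation on the first claim, unclaimed rewards lost on full withdrawal, and rewards with 0 LP staked) share one root cause: the position's balance changes without settling what it has earned so far. As an added example that is not the Neo Tokyo code, here is the reward-per-token accumulator popularised by Synthetix's StakingRewards, assumed as the hardened reference design. Every balance change goes through `updateReward`, which settles the user first, so accrual stops exactly at withdrawal, a first claim starts from the index at the user's first stake rather than from zero, and withdrawing everything keeps the already-earned amount claimable. Token interface, a constant `rewardRate` and the contract name are assumptions.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Added example, not code from any audited repository.
interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

contract StakingRewards {
    IERC20 public immutable stakingToken;
    IERC20 public immutable rewardToken;
    uint256 public immutable rewardRate; // reward wei per second, assumed constant for the example
    uint256 public constant PRECISION = 1e18;

    uint256 public totalStaked;
    uint256 public rewardPerTokenStored; // cumulative reward per staked token, scaled by PRECISION
    uint256 public lastUpdateTime;

    mapping(address => uint256) public balanceOf;
    mapping(address => uint256) public userRewardPerTokenPaid; // index at the user's last settlement
    mapping(address => uint256) public rewards;                 // settled but not yet claimed

    constructor(IERC20 stakingToken_, IERC20 rewardToken_, uint256 rewardRate_) {
        stakingToken = stakingToken_;
        rewardToken = rewardToken_;
        rewardRate = rewardRate_;
        lastUpdateTime = block.timestamp;
    }

    // Global index. With nobody staked the index does not move: reward for that
    // period is simply not distributed, instead of being handed to the next staker.
    function rewardPerToken() public view returns (uint256) {
        if (totalStaked == 0) return rewardPerTokenStored;
        return rewardPerTokenStored
            + (block.timestamp - lastUpdateTime) * rewardRate * PRECISION / totalStaked;
    }

    // Earned = already settled + balance * (index now - index at last settlement).
    // A user with balance 0 earns nothing more, whatever the index does.
    function earned(address account) public view returns (uint256) {
        return rewards[account]
            + balanceOf[account] * (rewardPerToken() - userRewardPerTokenPaid[account]) / PRECISION;
    }

    // Settle the caller *before* the balance changes in the function body.
    modifier updateReward(address account) {
        rewardPerTokenStored = rewardPerToken();
        lastUpdateTime = block.timestamp;
        rewards[account] = earned(account);
        userRewardPerTokenPaid[account] = rewardPerTokenStored; // first stake starts here, not at 0
        _;
    }

    function stake(uint256 amount) external updateReward(msg.sender) {
        require(amount != 0, "zero amount");
        totalStaked += amount;
        balanceOf[msg.sender] += amount;
        require(stakingToken.transferFrom(msg.sender, address(this), amount), "transfer failed");
    }

    // Partial or full withdrawal: rewards[msg.sender] keeps what was earned up to now.
    function withdraw(uint256 amount) external updateReward(msg.sender) {
        balanceOf[msg.sender] -= amount; // checked arithmetic: cannot underflow
        totalStaked -= amount;
        require(stakingToken.transfer(msg.sender, amount), "transfer failed");
    }

    function claim() external updateReward(msg.sender) {
        uint256 reward = rewards[msg.sender];
        if (reward == 0) return;
        rewards[msg.sender] = 0; // effect before interaction
        require(rewardToken.transfer(msg.sender, reward), "transfer failed");
    }
}
```

The invariant to check when reviewing any variant of this pattern is that no code path changes `balanceOf` or `totalStaked` without first running the settlement step; the findings above are each a path that breaks that invariant.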
The Lottery Contract's Lack of Safeguards May Lead to Insufficient Funds for Jackpot Payouts
Lines of code Vulnerability details While it may be true that the probability of the scenario happening is low, it does not necessarily mean that the issue should not be considered valid. A low probability does not mean that the vulnerability should be ignored, especially if it can lead to a loss...
Owner unable to withdraw the amount since depositDeadline values already expired
Lines of code Vulnerability details Impact The staker (msg.sender) loses his amount permanently once depositDeadline is over Proof of Concept DEPOSIT : function deposit(uint256 amount) external override onlyOwner { // slither-disable-next-line timestamp if (block.timestamp > depositDeadline) revert...
Expected payout should not be determined off-chain
Lines of code Vulnerability details Impact Loss of profit and depletion of funds, the latter of which implies that some tickets will be unclaimable. Proof of Concept There is no guarantee to the correctness of LotterySetupParams.expectedPayout, which can be set freely within bounds in...
Calculation in calculateNewProfit function is broken when jackpot is not won
Lines of code Vulnerability details The function calculateNewProfit present in the LotteryMath library is used when finalizing the current draw in the Lottery to track and update the currentNetProfit variable in the contract. function calculateNewProfit(int256 oldProfit, uint256 ticketsSold,...
Loss of funds when buying tickets with no frontend
Lines of code Vulnerability details When tickets are bought, the protocol allows specifying a frontend that will receive a percentage of the ticket fee as rewards (10% for the current setup). However, if this input is left empty during purchase, frontend rewards will still be counted and associated...
If frontend == address(0), 10% of the ticket price is not used as intended
Lines of code Vulnerability details Impact The function buyTickets, has no check that frontend is not equal to zero address. This is possible if there was some misconfiguration from the frontend side or a player uses this function directly and does not set any address. In this case, the user...
Lottery Insolvency can lead to unclaimable winning tickets despite paying out Frontend and Staking rewards
Lines of code Vulnerability details Impact Lottery Insolvency can lead to unclaimable winning tickets despite paying out Frontend and Staking rewards Proof of Concept When distributing the winning tokens, it is possible that there is an insufficient balance to be able to pay winning tickets while...
expected outgoing rewards for non-jackpot tiers are not normalized
Lines of code Vulnerability details Impact When calculating new profit, the calculation for non-jackpot rewards is not normalized and will be largely overestimated, due to the additional percentage scaling. This will lead to the excess pot for participants being much lower and hence failing to...
Depositors might not be able to withdraw from StabilityPool if any collateral's price drops significantly
Lines of code Vulnerability details In the TroveManager contract, the closeTrove function contains a check to ensure there is more than one trove, as shown below. TroveManager.sol L1278-L1282: function closeTrove(address borrower, address collateral, Status closedStatus) internal { assert(closedStatus ...
StabilityPool.sol – Re-entrancy risk on withdrawFromSP()
Lines of code Vulnerability details The withdrawFromSP function in the StabilityPool contract is vulnerable to a reentrancy attack through the sendLUSDToDepositor function. The sendLUSDToDepositor function is vulnerable because it transfers LUSD tokens and LQTY gains before updating state...
The _allocBPS field from the strategy struct can be 0; this will make the strategy irrevocable
Lines of code Vulnerability details Impact No sanity check will make a strategy irrevocable Proof of Concept The addStrategy function can be used to add a strategy, there are multiple sanity checks inside the function however there is missing a very important one, there is no check for allocBPS !...
STRATEGIST can still assign a higher percentage to withdrawMaxLoss, which may lead to a very high risk for users of losing the principal sent as collateral
Lines of code Vulnerability details Impact Within ReaperVaultV2.updateWithdrawMaxLoss above, a user who has the STRATEGIST role can still assign a higher percentage, i.e. 99% = 9999, to withdrawMaxLoss. This leads to a very high risk for users of losing the principal sent as collateral if...
Upgraded Q -> 2 from #56 [1677632875022]
Judge has assessed an item in Issue 56 as 2 risk. The relevant finding follows: 2. Attribute values of fees could exceed 1e18 when initializing even if the proposedFees is checked in proposeFees function. function initialize(IERC20 asset, IERC4626 adapter, VaultFees calldata fees, address...
KUMASwap.buyBond() is vulnerable to being used for reentry attacks
Lines of code Vulnerability details Impact KUMASwap.buyBond could be exploited for some kind of reentry attack, now or in the future Proof of Concept KUMASwap.buyBond may trigger a callback to the sender's contract before the following statements are executed: updateMinCoupon();...
Multiple KBCTokens can be minted for a single KUMABondToken id.
Lines of code Vulnerability details Impact KUMASwap.buyBond mints a KBCToken (clone token) for every KUMABondToken whose bondFaceValue is greater than realizedBondValue. function buyBond(uint256 tokenId) external override whenNotPaused whenNotDeprecated { IKUMAAddressProvider KUMAAddressProvider =...
KUMABondToken.approve() should revert if the owner of the tokenId is blacklisted
Lines of code Vulnerability details Impact It is still possible for a blacklisted user's bond token to be approved. Proof of Concept KUMABondToken.approve only checks if msg.sender and to are not blacklisted. It doesn't check if the owner of the tokenId is not blacklisted. For example, the...
KUMASwap.buyBond :- Clone token + KUMABondToken transfer for a single KUMABondToken id.
Lines of code Vulnerability details Impact KUMASwap.buyBond mints a KBCToken (clone token) for every KUMABondToken whose bondFaceValue is greater than realizedBondValue. If bondFaceValue is not greater than realizedBondValue, a simple KUMABondToken transfer is done to the caller. function...
KUMAFeeCollector.changePayees() executes incorrectly when newPayees contains duplicate items
Lines of code Vulnerability details Impact When calling KUMAFeeCollector.changePayees with duplicate payees in newPayees, the call is not reverted and the result state will be incorrect. Proof of Concept Contract KUMAFeeCollector does not support duplicate payees. The transaction will revert when...
Repository._removeContract() removes the contract wrongly.
Lines of code Vulnerability details Impact After removing the contract, the contracts array would contain the wrong contract names. Proof of Concept Repository.removeContract removes the contract name from contracts array. File: 2023-02-malt\contracts\Repository.sol 223: function...
SwingTraderManager.addSwingTrader() shouldn't push the traderId to activeTraders array if active = false.
Lines of code Vulnerability details Impact After adding an inactive trader using addSwingTrader, activeTraders array will contain an inactive trader. Furthermore, if the inactive trader is toggled to active using toggleTraderActive, activeTraders array will contain the trader twice and the main...
The latest malt price can be less than the actual price target and StabilizerNode.stabilize will revert
Lines of code Vulnerability details Impact StabilizerNode.stabilize will revert when latestSample < priceTarget and msgSender is not an admin and not whitelisted, as it asserts livePrice > minThreshold. And minThreshold is calculated as follows: uint256 priceTarget = maltDataLab.getActualPriceTarget();...
RewardThrottle: If an epoch does not have any profit, then there may not be rewards for that epoch at the start of the next epoch.
Lines of code Vulnerability details Impact In RewardThrottle, both checkRewardUnderflow and fillInEpochGaps call fillInEpochGaps to fill the state of the previous epoch without profit, the difference being that checkRewardUnderflow will request the reward from the overflowPool and distribute the...
_distributeProfit will use the stale globalIC.swingTraderCollateralDeficit()/swingTraderCollateralRatio(), which will result in incorrect profit distribution
Lines of code Vulnerability details Impact The distributeProfit called by handleProfit will use globalIC.swingTraderCollateralDeficit/swingTraderCollateralRatio when distributing profits, and the latest globalIC.swingTraderCollateralDeficit/swingTraderCollateralRatio needs to be used to ensure th...
Upgraded Q -> 3 from #510 [1675932827359]
Judge has assessed an item in Issue 510 as 3 risk. The relevant finding follows: In red are the state transitions that can only be performed with special privileges recreateMinipool: The following transitions will be performed Withdrawable-PreLaunch Error-PreLaunch createMinipool: will perform th...
Core functionality is not working due to revert in _verifyCreatorOrOwner()
Lines of code Vulnerability details Impact It is not possible to pause/unpause vaults and adaptors nor add staking reward tokens since the verifyCreatorOrOwner function reverts due to a logical error. Proof of Concept The following logic is used to determine if msg.sender is a creator or owner of...
MultiRewardStaking claimRewards() reentrancy for ERC-777 reward tokens
Lines of code Vulnerability details Impact A hacker can drain an ERC-777 reward token's funds via reentrancy. This is because in the claimRewards function, the transfer of the reward token, which triggers the hacker's ERC-777 hook, takes place before setting accruedRewards[user][rewardTokens[i]] to zero...
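The interaction-before-effects ordering in the claimRewards entry above is the same defect class as the StabilityPool.withdrawFromSP and KUMASwap.buyBond entries earlier on this page. As an added example that is not code from any of those projects, here is the vulnerable loop beside its checks-effects-interactions fix, plus a constructed attacker that re-enters through the ERC-777 `tokensReceived` hook. The `operator` role, the recursion bound and the contract names are assumptions; the ERC-1820 registration an ERC-777 token needs to find the hook is omitted.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Added example, not code from any audited repository.
interface IERC20 {
    function transfer(address to, uint256 amount) external returns (bool);
}

// Vulnerable ordering: the transfer (an external call) runs before the accrued
// amount is zeroed. An ERC-777 token calls the recipient's tokensReceived hook
// inside transfer, and at that point accruedRewards still holds the full
// amount, so the hook can call claimRewards again and be paid again.
contract VulnerableRewards {
    IERC20[] public rewardTokens;
    address public immutable operator; // assumed: the staking contract that accrues rewards
    mapping(address => mapping(IERC20 => uint256)) public accruedRewards;

    constructor(IERC20[] memory tokens) { rewardTokens = tokens; operator = msg.sender; }

    function accrue(address user, IERC20 token, uint256 amount) external {
        require(msg.sender == operator, "not operator");
        accruedRewards[user][token] += amount;
    }

    function claimRewards(address user) external {
        for (uint256 i = 0; i < rewardTokens.length; i++) {
            uint256 amount = accruedRewards[user][rewardTokens[i]];
            if (amount == 0) continue;
            rewardTokens[i].transfer(user, amount);    // interaction first
            accruedRewards[user][rewardTokens[i]] = 0; // effect too late
        }
    }
}

// Hardened: effect before interaction, plus a reentrancy guard. Zeroing first
// makes a nested claim pay nothing; the guard also blocks re-entry into any
// other guarded function while the transfer is in flight.
contract HardenedRewards {
    IERC20[] public rewardTokens;
    address public immutable operator;
    mapping(address => mapping(IERC20 => uint256)) public accruedRewards;

    uint256 private _status = 1;
    modifier nonReentrant() {
        require(_status == 1, "reentrant call");
        _status = 2;
        _;
        _status = 1;
    }

    constructor(IERC20[] memory tokens) { rewardTokens = tokens; operator = msg.sender; }

    function accrue(address user, IERC20 token, uint256 amount) external {
        require(msg.sender == operator, "not operator");
        accruedRewards[user][token] += amount;
    }

    function claimRewards(address user) external nonReentrant {
        uint256 n = rewardTokens.length;
        for (uint256 i = 0; i < n; i++) {
            IERC20 token = rewardTokens[i];
            uint256 amount = accruedRewards[user][token];
            if (amount == 0) continue;
            accruedRewards[user][token] = 0;                          // effect
            require(token.transfer(user, amount), "transfer failed"); // interaction
        }
    }
}

// Constructed attacker. Against VulnerableRewards every nested claim is paid the
// full amount again (six payouts with the bound below); against HardenedRewards
// the nested call reverts on the guard, which reverts the outer transfer too.
contract ReentrantClaimer {
    VulnerableRewards public immutable target;
    uint256 public depth;

    constructor(VulnerableRewards target_) { target = target_; }

    function tokensReceived(address, address, address, uint256, bytes calldata, bytes calldata) external {
        if (depth < 5) { // assumed bound so the loop stops before the token balance runs out
            depth++;
            target.claimRewards(address(this));
        }
    }
}
```

Note that the fix does not depend on the token being ERC-777: any reward token with a transfer hook, or a malicious token added to `rewardTokens`, gets the same call-back opportunity, so the ordering should hold regardless of which tokens are configured.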
initial share manipulation attack possible in Vault
Lines of code Vulnerability details Description This is the classic share inflation attack described here: The popcorn Vault is an abstraction on top of other vaults which acts like adapters to wrap other yield bearing protocols. Hence the asset in Vault are the shares in this adapter. An early...
First deposit can break share calculation
Lines of code Vulnerability details Impact Vault share price can be maliciously inflated on the initial deposit, leading to the next depositor losing assets due to precision issues. Proof of Concept 147: shares = convertToShares(assets) - feeShares; If feeShares = 0 the first depositor of Vault can...
ERC4626 vault shares can be maliciously inflated
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. The price of ERC4626 vault shares can be maliciously inflated during the first deposit, leading to the loss of assets for next depositors Proof of Concept Provide direct links to all referenced code in...
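The first-deposit inflation described in the three entries above (initial share manipulation, first deposit breaking share calculation, ERC4626 shares maliciously inflated) as an added example that is not code from Popcorn or any audited repository: a stripped-down vault with the vulnerable `convertToShares`, next to a hardened version using the virtual-shares/virtual-assets offset that OpenZeppelin's ERC4626 implementation adopted. The `IERC20` interface, the `OFFSET` value and the figures in the comments are assumptions for illustration.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;

// Added example, not code from any audited repository.
interface IERC20 {
    function balanceOf(address owner) external view returns (uint256);
    function transferFrom(address from, address to, uint256 amount) external returns (bool);
}

// Vulnerable: with no offset the first depositor can set supply = 1 and then
// raise totalAssets() by a direct token transfer, so later deposits round to 0.
contract VulnerableVault {
    IERC20 public immutable asset;
    uint256 public totalSupply;
    mapping(address => uint256) public balanceOf;

    constructor(IERC20 asset_) { asset = asset_; }

    // Tokens sent straight to the vault count as assets but mint no shares.
    function totalAssets() public view returns (uint256) {
        return asset.balanceOf(address(this));
    }

    function convertToShares(uint256 assets) public view returns (uint256) {
        uint256 supply = totalSupply;
        return supply == 0 ? assets : assets * supply / totalAssets();
    }

    // Attack walk-through (18-decimal asset, figures assumed):
    //  1. attacker deposits 1 wei               -> supply 1, totalAssets 1
    //  2. attacker transfers 10_000e18 directly -> supply 1, totalAssets 10_000e18 + 1
    //  3. victim deposits 10_000e18             -> 10_000e18 * 1 / (10_000e18 + 1) = 0 shares
    // The victim's tokens now back the attacker's single share.
    function deposit(uint256 assets, address receiver) external returns (uint256 shares) {
        shares = convertToShares(assets);
        require(asset.transferFrom(msg.sender, address(this), assets), "transfer failed");
        totalSupply += shares;
        balanceOf[receiver] += shares;
    }
}

// Hardened: 10**OFFSET virtual shares and one virtual asset take part in every
// conversion, so rounding a victim's deposit to zero needs a donation on the
// order of 10**OFFSET times that deposit, and most of the donation goes to the victim.
contract HardenedVault {
    IERC20 public immutable asset;
    uint256 public totalSupply;
    mapping(address => uint256) public balanceOf;
    uint8 public constant OFFSET = 3; // assumed; OpenZeppelin's default is 0 and vaults override it

    constructor(IERC20 asset_) { asset = asset_; }

    function totalAssets() public view returns (uint256) {
        return asset.balanceOf(address(this));
    }

    function convertToShares(uint256 assets) public view returns (uint256) {
        return assets * (totalSupply + 10 ** OFFSET) / (totalAssets() + 1);
    }

    function convertToAssets(uint256 shares) public view returns (uint256) {
        return shares * (totalAssets() + 1) / (totalSupply + 10 ** OFFSET);
    }

    // Same walk-through: 1 wei mints 1000 shares; after the 10_000e18 donation the
    // victim's 10_000e18 mints 10_000e18 * 2000 / (10_000e18 + 2) = 1999 shares.
    // The attacker holds 1000 of 2999 shares, redeemable for about 5_000e18: it
    // lost roughly half of the donation while the victim lost about 0.03%.
    function deposit(uint256 assets, address receiver) external returns (uint256 shares) {
        shares = convertToShares(assets);
        require(shares != 0, "zero shares"); // never accept a deposit that mints nothing
        require(asset.transferFrom(msg.sender, address(this), assets), "transfer failed");
        totalSupply += shares;
        balanceOf[receiver] += shares;
    }
}
```

The `shares != 0` check alone stops the victim from losing the whole deposit but does not stop the attacker from forcing unfavourable rounding on smaller deposits; the offset is what makes the attack uneconomic.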
MultiStakingReward.sol assumes all RewardTokens are in 18 decimal places
Lines of code Vulnerability details Impact Calculation of accrued rewards will be affected. Proof of Concept The function accrueRewards is called anytime rewards needs to be accrued. The variable supplyTokens is the total supply of the reward token. deltaIndex is calculated by taking the accrued ...
Vault creator can prevent users from claiming staking rewards
Lines of code Vulnerability details Impact Vault creator can prevent users from claiming rewards from the staking contract. This can boost his liquidity and lure depositors to stake vault tokens. He can present a high APY and low fee percentage which will incentivize stakers When the staking...
Upgraded Q -> 3 from #648 [1675725284542]
Judge has assessed an item in Issue 648 as 3 risk. The relevant finding follows: 1. Incorrect Minter Address Validation in Mint Function Link : Summary: The mint function in the RabbitHoleReceipt contract does not correctly check the msg.sender address for minter permissions. The onlyMinter...