The GovernorSettings are set to incorrect values

Lines of code Vulnerability details When ODGovernor is deployed the GovernorSettings is initialized with the initialVotingDelay, initialVotingPeriod and initialProposalThreshold. The problem is that the initialVotingDelay and initialVotingPeriod are set to incorrect values which are really small...

M-02 Unmitigated

Lines of code Vulnerability details Mitigation of M-02: Issue not mitigated Link to Issue: code-423n4/2023-09-asymmetry-findings54 Comments The sponsor has acknowledged the issue but decided to not mitigate it. Acknowledged and did not fix, plan to upgrade a fix in the future --- The text was...

[ADRIRO-NEW-H-01] VotiumStrategy withdrawal can still be executed with minimal delay

Lines of code Vulnerability details Summary Within the mitigation changes, the sponsor has introduced a minimum delay of one epoch for VotiumStrategy withdrawals, in order to mitigate different issues related to the exposure to CVX . The fix contains an edge case which could still be used to make...

[ADRIRO-NEW-M-04] CVX tracking misses to account for rewards

Lines of code Vulnerability details Summary The updated codebase now tracks CVX balances internally. While this is correctly handled in most operations, accounting fails to consider CVX tokens coming from claimed rewards. Impact CVX balances in the Votium strategy are now tracked internally. This...

[ADRIRO-NEW-H-03] Invalid operation in withdrawStuckTokens() will break CVX balance tracking in VotiumStrategy

Lines of code Vulnerability details Summary The updated code for withdrawStuckTokens contains an update to the trackedCvxBalance variable that will break CVX accounting in the VotiumStrategy contract, leading to multiple severe consequences. Impact To mitigate a potential withdrawal of CVX tokens...

Price inflation pump

Lines of code Vulnerability details Impact AfEth price can be inflated until severe rounding errors occur. Proof of concept Deposit in AfEth such that totalValue == 1 and thus 1 afEth is minted. Then AfEth.price will be in the open interval $1,2$ AfEth.price $= 1$ is extremely unlikely. Deposit i...

A new executor cannot be added because of the wrong restriction

Lines of code Vulnerability details Impact A new executor cannot be added because of the wrong restriction Proof of Concept if !subAccountToExecutorssubAccount.addexecutor revert AlreadyExists; The if statement checks if executor to be added to the subAccountToExecutors mapping is not in the...

Malicious sub-account operators can perform cross-chain signature replay attack

Lines of code Vulnerability details Impact Malicious sub-account operators can perform policy or transactions not allowed to the specific chain but allowed in other chain. This is possible due to cross-chain signature replay attack. Proof of Concept To describe the attack, for example, let us hav...

the operators of the sub account can execute any transaction(not restricted by policy ) to a 3rd party without going through the policy validation process by the trustedValidator

Lines of code Vulnerability details Impact this vulnerability will cause the tokens of the sub accounts to be stolen or perform any activity on the subAcoounts without the validation against the policy and will allow the operators to execute transactions that are not restricted by the policy of t...

Nonce is not incremented after using signature for policy validation

Lines of code Vulnerability details Impact Nonce is not incremented after using signature for policy validation Proof of Concept In PolicyValidator.sol there is a function function isPolicySignatureValid address account, address to, uint256 value, bytes memory data, Enum.Operation operation, byte...

delegateMulti(...) Griefing Attack

Lines of code Vulnerability details Impact A call to delegateMulti... with the right parameters will consume much gas and waste memory for Proxy Delegators DoS costing the attacker very little. Proof of Concept Calling delegateMulti with many unique targets and amounts of 0 consumes Proxy...

people can steal others voting power by creating mlicous proxy contracts

Lines of code Vulnerability details Impact bad actor can control over the other peoples voting power in delegate proxy contracts. lets start from delegateMulti when somebody calls it it leads to delegateMulti and it calls processDelegationsource, target, amount; in the process of loop. if you loo...

Owner role's URI setting power can be maliciously exploited.

Lines of code Vulnerability details Impact The owner role has a lot of power here. Setting URI could be used maliciously. Should consider limiting owner capabilities to only essential admin functions. Proof of Concept The issue occurs in the setUri function: function setUristring memory uri...

No address validation can lead to unexpected behaviour

Lines of code Vulnerability details Background With the implementation of the ERC20Multidelegate contract, it will be possible to delegate your voting power to multiple recipients in one transaction. A user can call ERC20MultiDelegate.delegateMulti to initiate this multi-delegation: source:...

An attacker can exploit the accruing liquidity functionality to accrue liquidity for more weeks than intended.

Lines of code Vulnerability details Instances The whole exploit works due to similar functionality being broken at these 4 instances: here, here, here and here. Impact An attacker can accrue both Position time weighted liquidity and Global time weighte...

The Liquidity mining callpath sidecar owner can pull native tokens from the Dex

Lines of code Vulnerability details Impact The owner of liquidity mining sidecar can pull the native coins that are stored in the CrocSwapDex to reward the users. Proof of Concept The setConcRewards and setAmbRewards functions doesn't check if the quoted amount of rewards are actually sent by the...

VirtualAccount as a wallet can be called by anyone

Lines of code Vulnerability details A VirtualAccount represents a user wallet that allows the user to manage assets and perform remote interactions. But because payableCall method lacks any form of authentication it can be called by anyone. The call can be also executed directly to the desired...

Access control check in the setAmbRewards and setAmbRewards functions is missing

Lines of code Vulnerability details Impact Any user can call the setAmbRewards and setAmbRewards functions and set their values for weeklyReward, which opens up many attack vectors. For example, it is possible to set a large reward and withdraw all funds from the protocol. Proof of Concept functi...

Virtual account lacks access control

Lines of code Vulnerability details Impact The Virtual Account lacks access control on a function that allows arbitrary calls. This enables anyone to take any assets contained within the account. Proof of Concept The Virtual account has the requiresApprovedCaller modifier to prevent use from...

if the Virtual Account's owner is a Contract Account (multisig wallet), attackers can gain control of the Virtual Accounts by gaining control of the same owner's address in a different chain

Lines of code Vulnerability details Impact Attackers can gain control of User's Virtual Accounts and steal all the assets these accounts hold in the Root environment Proof of Concept When sending signed messages from a Branch to Root, the RootBridgeAgent contract calls the...

Potential Fund Compromise via Malicious Token Insertion

Lines of code Vulnerability details Impact Since any token can be sent to the PrimeLiquidityProvider contract there is a great chance of an attacker sending a scam token with some legit value in it to lure the owner making him sweep those tokens and by doing so compromising the whole contract's...

No zero address check in PrimeLiquidityProvider.sol:sweepTokens

Lines of code Vulnerability details Impact Possible loss of funds due to sending them to the address0, the developer's assumption is that safeTransfer is checking for to not being the address0. In reality, it doesn’t implement such a check and we can see from the implementation of the function:...

Irrevocable token holders can instantly mint a revocable token after burning and bypass the minimum XVS stake for revocable tokens

Lines of code Vulnerability details Impact When an irrevocable token is burned by the admin, the holder should go through the 90 day staking period again before accruing rewards. However, the holder can exploit the protocol to immediately begin accruing rewards after burning. Furthermore, the...

calculateAPR and estimateAPR may return invalid results

Lines of code Vulnerability details Impact The capitalForScore function in the Prime contract calculates the capital for calculation of score using a price oracle. The function is called three times inside of the contract, where only in the calculateScore is the oracle updated using the following...

An irrevocable prime token holder can claim a revocable token after burning the initial one

Lines of code Vulnerability details Bug Description Here's the step-by-step description of this issue: 1. A user depositsXVSVault.deposit 10,000 XVS tokens for a certain period e.g., 90 days. 2. ACM issuesPrime.issue an irrevocable prime token to the user. 3. The user...

Potential Gas Limit Issue with Bulk Score Updates

Lines of code Vulnerability details The updateScores function, which updates scores for multiple users, uses a nested loop structure. This can lead to a situation where if the users array is large and each user has many markets to update, the function could run out of gas. Impact If the function...

Prime.sol: stakedAt value is not deleted when manually issuing an irrevocable token

Lines of code Vulnerability details Impact Protocol specifications state that a user cannot have less than the minimum xvs staked if they are not irrevocable prime token users. In other words, only holders of irrevocables prime tokens can have less than the minimum xvs staked. The problem arises...

cvxPerVotium() calculation will return zero if all CVX tokens are pending withdrawal as obligations

Lines of code Vulnerability details Summary The implementation of cvxPerVotium contains an edge case that causes it to return an invalid zero value price. Impact The cvxPerVotium function present in the VotingStrategy contract is used to measure the number of held CVX tokens per vAfEth. 144:...

AfEth collaterals cannot be balanced after ratio is changed

Lines of code Vulnerability details Summary The AfEth ratio between the collaterals can be modified but there is no direct way to balance the assets to follow the new ratio. Impact The AfEth contract contains a configurable parameter ratio that indicates the intended balance between the two...

sellCVX(0) reverts

Lines of code Vulnerability details Impact A withdrawal cannot be finalised if requested at a time when AfEth had only safEth, and that owed share of safEth is permanently lost. Proof of Concept It is possible that AfEth holds at most dust amounts of vAfEth if ratio = 100 %. The amounts of vAfEth...

Zero amount withdrawals of SafEth or Votium will brick the withdraw process

Lines of code Vulnerability details Summary Withdrawals of amount zero from both SafEth and VotiumStrategy have issues downstream that will cause the transaction to revert, potentially bricking withdrawals from being executed. Impact Withdrawals in AfEth undergo a process to account for any...

M-04 MitigationConfirmed

Lines of code Vulnerability details In the previous implementation RewardableERC20claimAndSyncRewards rewardsPerShare += delta one / totalSupply; Some rewards might be locked inside the contract due to the rounding loss. Mitigation PR 896 Recalculated balanceAfterClaimingRewards to remove the...

Intrinsic arbitrage from price discrepancy

Lines of code Vulnerability details Impact The up to 2 % price discrepancy from Chainlink creates an intrinsic arbitrage. Especially, it makes withdrawals worth more than deposits in the sense that one can immediately withdraw more than just deposited. Proof of Concept When depositing ETH into...

price() in AfEth.sol doesn't take afEth held for pending withdrawals into account

Lines of code Vulnerability details Bug Description In AfEth.sol, the price function returns the current price of afEth: AfEth.solL133-L141 function price public view returns uint256 if totalSupply == 0 return 1e18; AbstractStrategy vEthStrategy = AbstractStrategyvEthAddress; uint256...

Potential rewards stealing by manipulating CVX/ETH pool

Lines of code Vulnerability details Vulnerability Details Upon claiming Votium rewards, applyRewards is intended to be invoked in order to exchange the tokens for eth and put the eth received back into the strategies. Based on the current ratio it either stakes the amount into safETH or obtains...

AfEth withdrawing will not work when ratio will be 0

Lines of code Vulnerability details Impact AfEth withdrawing will not work when ratio will be 0. It will be not possible to withdraw. Proof of Concept Any ratio for the 2 tokens of afEth can be set by owner. AfEth.withdraw function will not work in case if ratio will be 0, which means that safEth...

Users may not redeem the their tranche tokens and suffer loss.

Lines of code Vulnerability details Impact In case of the stablecoin depegging, users may may not redeem the their tranche tokens and suffer loss. Proof of Concept A tranche allows multiple stablecoins to be the currencies that users can deposit to get the tranche tokens. An example would be a...

Signature malleability in permit function

Lines of code Vulnerability details Impact In the ERC20 contract used to define the interface for tranche tokens the permit function uses ecrecover to verify a signature submitted by the token owner to approve an address to spend its tranche tokens. However there is a well known issue related to...

addPauser should be a two-step process in PauseAdmin.sol

Lines of code Vulnerability details Impact Adding new pauser should me two-step proccess. The identified issue pertains to the absence of a two-step process for adding a new pauser in the smart contract. This vulnerability could potentially allow an unauthorized entity to gain control over pausin...

The price update timestamp doesn't get checked, allowing for the use of stale prices

Lines of code Vulnerability details Impact It allows for the use of stale prices in cases where they will either damage the protocol or the user. Proof of Concept The protocol has a price oracle system where the price gets updated by an account with a privileged role by calling updatePrice...

checkERC1155BeforePull Function in DelegateTokenTransferHelpers

Lines of code Vulnerability details Description The checkERC1155BeforePull function in Contract XYZ has a potential issue where it reverts if pullAmount is equal to 0, which might not always be the desired behavior for ERC1155 tokens. Issue Details Context In DelegateTokenTransferHelpers.sol, the...

Incorrect use of getTokenAmounts causes getReserves / getTVL to be overestimated

Lines of code Vulnerability details Impact Previously, getTVL counted the balance of TokenisableRange and multiplied it by the LP value. After reconstruction, getTVL obtains the balance of token0 and token1 through getTokenAmounts and multiplies the token value. The problem is that when calculati...

Upgraded Q -> 3 from #255 [1694460742612]

Judge has assessed an item in Issue 255 as 3 risk. The relevant finding follows: LOW-2 Missing check for checkBalancesint256 x, int256 y in reserveTokenSpecified could result in DoS of some critical operations --- The text was updated successfully, but these errors were encountered: All reactions...

GeVault LP calculations do not use scaling and are vulnerable to deposit attacks

Lines of code Vulnerability details Impact Currently, getTVL counts all token balances in GeVault, and attackers can manipulate getTVL to implement deposit attacks. Secondly, since the calculation of LP does not use scaling, because there is a precision error in the division, the cost for the...

getActiveTickIndex implementation error

Lines of code Vulnerability details Impact The implementation of getActiveTickIndex is wrong, and the searched ticks do not meet expectations, causing funds to be incorrectly allocated to edge ticks, and there is basically no staking income. Proof of Concept // if base token is token0, ticks abov...

DelegateTokenRegistryHelpers::calculateDecreasedAmount() - Comment "Assumes the decreased amount won't underflow with "amount"", but it *can* underflow given the right value for parameter decreaseAmount, and is also inside unchecked {} block.

Lines of code Vulnerability details Impact Summary: Since the affected line is inside an unchecked block, the inbuilt solidity protection functionality wont revert this function execution on underflow, therefore the max uint256 value will be returned for calculateDecreasedAmount. Not only that, b...

Lack of ERC1155 Token Balance Check in flashloan Smart Contract Function

Lines of code Vulnerability details Description: : The flashloan function in the code you provided does not check if the amount of ERC1155 tokens being flashed is available. This could lead to a situation where the function fails to complete because the caller does not have enough ERC1155 tokens ...

A malicious contract could steal assets via a flash loan

Lines of code Vulnerability details Impact A malicious contract could fail to return the assets, essentially stealing the Proof of Concept The key vulnerability is in the flashloan function. It transfers the assets to the receiver contract specified in info.receiver without any checks. Then it...

Fee on Transfer tokens cause incorrect accounting

Lines of code Vulnerability details Impact Incorrect accounting for fee on transfer tokens Proof of Concept Delegate accepts all ERC20 token types as specified by the contest page. Some ERC20 tokens include a fee on transfer which means means that the amount of tokens sent to the contract will be...

In ratifyOrder there is no need for array

Lines of code Vulnerability details Impact In ratifyOrder there is no need for array for SpentItem and ReceivedItem calldata consideration Single object can be used, there is use of the array Proof of Concept The single variable can be used instead of offer0.identifier and consideration0 Array is...