bad actore can increase gas usage in swapfrom function

Lines of code Vulnerability details Impact bad actor can increase gas in swapfrom function because everytime calling swapfrom function it store new unit and everytime runs the loop for length of it Proof of Concept the swapfrom function includes function setReservesIERC20 memory tokens, uint256...

Wherever possible, _safeMint() should be used rather than _mint()

Lines of code Vulnerability details Impact mint is not recommended in favour of safeMint, which guarantees that the recipient is either an EOA. Proof of Concept, , Tools Used Vscode use safeMint instead of mint. Assessed type Upgradable --- The text was updated successfully, but these errors were...

NO ACCESS CONTROL IN THE Well.skim() EXTERNAL FUNCTION

Lines of code Vulnerability details Impact The Well.skim external function is used to transfer the excess tokens held by the Well to recipient. But there is no access control in this function and hence anyone can call this function. Therefore this function allows any arbitory user recieve the...

There is a large precision error in sqrt calculation of lp

Lines of code Vulnerability details Impact Compared with div, there is a larger precision error in calculating lp through sqrt, so there should be a way to check whether there are excess tokens left when adding liquidity. Proof of Concept function testCalcLpTokenSupplyDiff public uint256 memory...

Long term denial of service due to lack of fees in Well

Lines of code Vulnerability details Description The Well allows users to permissionless swap assets or add and remove liquidity. Users specify the intended slippage in swapFrom, in minAmountOut. The ConstantProduct2 implementation ensures Kend - Kstart = 0, where K = Reserve1 Reserve2, and the...

Implementation of Well shift() function allows attackers to completely manipulate the oracles

Lines of code Vulnerability details Description The TWAP mechanism relies on measurements sent to the oracle at various points in time. Before reserve counts change, the TWAP is sent the last reserve counts, which are multiplied by the time passed and added to the accumulator. In MultiFlowPump, i...

Well.sol#removeLiquidityImbalanced - Handling Excess Reserves in removeLiquidityImbalanced Function to Prevent Unnecessary Reverts

Lines of code Vulnerability details Impact The removeLiquidityImbalanced function in the Well.sol contract is vulnerable to a potential underflow. This could disrupt the contract's functionality and prevent users from removing liquidity in an imbalanced manner. Furthermore, the function does not...

The constant product invariant can be broken.

Lines of code Vulnerability details description Let reserves returned by Well.getReserves as x, y and Well.tokenSupply as k. They must maintain the invariant x y EXPPRECISION = k 2. However, the reserves can increase without updating the token supply if a user transfers one token of the well and...

Stealing excess tokens from other users by either front-running skim function or calling it before legitimate user

Lines of code Vulnerability details Impact File /src/interfaces/IWell.sol comment's defines what the skim function is being responsible for: / @notice Sends excess tokens held by the Well to the recipient. @param recipient The address to send the tokens @return skimAmounts The amount of each toke...

Incorrect modification authorization amount

Lines of code Vulnerability details Impact In a specific scenario, the authorized transfer amount from N-M M0, N0 will cause the user to lose M+N money. This solution is to first change the authorized amount to N-0 and then to 0-M. This is not the best solution suggested by the article, and it is...

In MulticallRootRouter.sol, approve function can fail for non standard ERC20 tokens like USDT

Lines of code Vulnerability details Impact Some tokens like USDT do not work when changing the allowance from an existing non-zero allowance value. For example Tether USDT’s approve function will revert if the current approval is not zero, to protect against front-running changes of approvals. Li...

Missing deadline checks allow pending transactions to be maliciously executed

Lines of code Vulnerability details Impact In PoolActions.sol, swapToEqualAmounts function has no deadline check for the transaction when swapping. File: src/talos/libraries/PoolActions.sol function swapToEqualAmountsActionParams memory actionParams, int24 baseThreshold internal bool zeroForOne,...

BranchPort.toggleStrategyToken used on unregistered STRATEGY TOKEN will allow STRATEGIES to drain full token balance

Lines of code Vulnerability details Impact BranchPort.toggleStrategyToken may be called on a token not registered as a strategy token effectively registering it without setting a getMinimumTokenReserveRatio. In such a case minimumReserves will always return a value smaller than the current balanc...

If a STRATEGY TOKEN is "Toggled off" STRATEGIES will still be able to withdraw but returning of tokens with replenishReserves will be disabled.

Lines of code Vulnerability details Impact BranchPort.manage allows a registered Strategy to withdraw certain amounts of enabled strategy tokens. It validates access rights ie. if called by a strategy registered for the requested token. It however doesn't check if the token itself is currently...

Potential Loss of Funds Due to Zero Slippage Hardcoding in TalosBaseStrategy#deposit

Lines of code Vulnerability details Impact In the deposit function within the TalosBaseStrategy contract, both slippage for two tokens amount0Min and amount1Min are hardcoded to zero. This can have severe implications as users may unintentionally accept a minimum of zero output tokens from a swap...

Although ERC20Boost.decrementGaugesBoostIndexed function would require user to remove all of her or his boost from a deprecated gauge at once, such user can instead call ERC20Boost.decrementGaugeBoost function for multiple times to utilize such deprecated gauge and decrement its userGaugeBoost for multiple times

Lines of code Vulnerability details Impact When the gauge input corresponds to a deprecated gauge, calling the following ERC20Boost.decrementGaugeBoost function can still execute gaugeState.userGaugeBoost -= boost.toUint128 if boost = gaugeState.userGaugeBoost is false. function...

_payFallbackGas is not being paid in case selector is 0x07 or 0x08

Lines of code Vulnerability details Impact payFallbackGas gas is not being paid for selectors 0x07 and 0x08 which causes a loss for protocol's execution gas budget. In case Execution budget is not enough then anyFallback will fail. Proof of Concept In payFallbackGas gas should always be paid in...

An attacker can burn shares of other users by calling executeFlashloan()

Lines of code Vulnerability details The executeFlashloan in PeUSDMainnetStableVision.sol allows users to execute flash loans but the problem is that the receiver doesnt have to be the msg.sender so an attacker can do 2 things: 1. Execute other users flash loans 2. If a user is a smart contract th...

Calls to rigidRedemption can fail due to an underflow when collateralAsset price falls.

Lines of code Vulnerability details Impact When the collateralAsset price falls drastically a wrong collateralAmount is calculated in the line below from the eusdAmount. The collateralAmount calculated can be greater than the amount deposited by the provider in the rigidRedemption. Which leads to...

[H] Users can lose funds if they call depositEtherToMint

Lines of code Vulnerability details Impact Due to only an interface implementation of function submit in Lido contract, users will lose funds due to non-existent implementation. Proof of Concept The comments in the code suggest that when users deposit ETH, it should be directly deposited into the...

executeFlashloan() doesn't pass/authenticate the initiator address

Lines of code Vulnerability details Impact In PeUSDMainnetStableVision.sol executeFlashloan. File: contracts/lybra/token/PeUSDMainnetStableVision.sol 129 function executeFlashloanFlashBorrower receiver, uint256 eusdAmount, bytes calldata data public payable 130 uint256 shareAmount =...

Invalid Access Control Modifiers

Lines of code Vulnerability details Impact The LybraConfigurator is the contract in charge of all core functionality in the Lybra ecosystem. However, the modifiers checks here are invalid. So anybody could call any function in the protocol. All funds could be stolen and governance overturned Proo...

contract has the tendency to mint more tokens than it actually has

Lines of code Vulnerability details Impact If the contract does not have enough esLBR tokens to mint and transfer as rewards, users will not be able to claim their rewards even if they have earned them. Proof of Concept There is no check to ensure that the contract's balance of esLBR tokens is...

First user can drain funds from staking contract

Lines of code Vulnerability details Impact If the first user locks an extremely small amount of tokens 1 wei, he can manipulate the reward that is supposed to receive. After locking a small amount, he can unlock it before the second user interacts with the contract. See PoC for more details. Note...

Add check to disallow creation of Standard Denomination pool

Lines of code Vulnerability details Impact CreatePool does not check if the counterpartyDenom is a Standard Denomination. This can lead to creation of pools where the StandardDenom and the CounterpartyDenom are the same. Code reference // CreatePool create a liquidity that saves relevant...

Arbitrary parameters

Lines of code Vulnerability details Impact There is no way to check that the sequence parameter is indeed a correct one Proof of Concept It is being passed straight to a function which modifies the KVStore's pools, thus it could be any value due to not being checked e. g. it could be 0,...

Users potentially cannot have Canto token swapped automatically when bridging assets to the Canto Network

Lines of code Vulnerability details Impact If the field AutoSwapThreshold is set to zero value, the logic that compares standardCoinBalance to the autoSwapThreshold always evaluates to false so there isn't any swap operation from bridged asset to Canto token for users. Therefore, the purpose of t...

AutoSwapThreshold field is not checked for exceeding MaxAutoSwapThreshold constant

Lines of code Vulnerability details Impact validateAutoSwapThreshold function has a problem that does not check the AutoSwapThreshold field is less than or equal to the MaxAutoSwapThreshold constant, this can caused that a malicious user could set the AutoSwapThreshold field to a value that is...

M-02 Unmitigated

Lines of code Vulnerability details Mitigation of M-02: Issue partially mitigated, see comments Link to Issue: code-423n4/2023-05-ambire-findings18 Comments While the issue mentioned in M-02 has been technically mitigated, the same attack can be performed in another function present in the wallet...

M-03 Unmitigated

Lines of code Vulnerability details Mitigation of M-03: Issue not mitigated, see comments Link to Issue: code-423n4/2023-05-ambire-findings16 Comments The issue is not mitigated. There is an error in the implementation of the mitigation of M-03. See report adriro-MR-M-03-ERROR for details. Assess...

M-03 Unmitigated

Lines of code Vulnerability details adriro-MR-M-03-ERROR: Recovery transaction can be replayed after a cancellation The mitigation of M-03 contains an error in the implementation of the fix. The original issue is still present. Impact The report in M-03 describes an issue related to the replay of...

[adriro-NEW-M-02]: Wallet design prevents EIP-165 extensibility

Lines of code Vulnerability details adriro-NEW-M-02: Wallet design prevents EIP-165 extensibility The current wallet fallback design prevents the extensibility of the EIP-165 functionality. Impact Ambire wallet extensibility is provided by a fallback mechanism. If a fallback handler is defined in...

User who stakes into StRSRVotes doesn't have any voting power

Lines of code Vulnerability details Impact User who stakes into StRSRVotes doesn't have any voting power. This is not intuitive clear and user who thinks that he can vote, actually will not be able until he will delegate votes to himself. Proof of Concept StRSRVotes contract extends StRSR which h...

Executing a script action with non-zero value results in frozen funds

Lines of code Vulnerability details Llama instances have a separate LlamaExecutor contract for action execution. When calling LlamaCore.executeAction, the flow is the following for simplicity, we ignore action guards: The function does internal validation: checking the current action state is...

THERE IS NO INPUT VALIDATION FOR CRITICAL STATE VARIABLES WHICH COULD BREAK THE CORE FUNCTIONALITY OF THE PROTOCOL

Lines of code Vulnerability details Impact In the LlamaAbsoluteStrategyBase.queuingPeriod variable denotes the minimum time in seconds between queueing and execution of action. The LlamaAbsoluteStrategyBase.minExecutionTime returns the block.timestamp + queuingPeriod timestamp. Here queuingPeriod...

_newCastCount can overflow and lead to wrong state

Lines of code Vulnerability details Impact The method newCastCount only checks for overflow via the two parameters that are passed. If a user were to pass a quantity that is equal to typeuint128.max - currentCount + 1, they could effectively bring the newCastCount value to 0 or to any value they...

Gas griefing/thief in LlamaAccount execute()

Lines of code Vulnerability details Impact LlamaAccount execute function either delegatecall or call to the provided address. The address may contain malicious contract and should be treated as a malicious. This assumption was confirmed by implementation of this function and its comments...

Uses Send Value to transfer Native token instead of Transfer Function

Lines of code Vulnerability details Impact The Send Value is susceptible to a reentrancy attack. Proof of Concept If the recipient is a malicious contract that performs a reentrant call back into the LlamaAccount contract, it can execute code before the transfer is completed and potentially...

Success value and msg.value not checked in llamaExecutor.sol

Lines of code Vulnerability details Impact Success value not checked. Result can fail silently. Msg.value can be lost. Proof of Concept Function execute does not check the validity of success. If execute is called and msg.value is greater than value, then excess msg.value will be stucked in...

Incorrect validation in LlamaRelativeQuorum results in improper approvals/disapprovals

Lines of code Vulnerability details Impact The LlamaRelativeQuorum contract is intended to allow for approvals/disapprovals to be configured such that, for example, an approval is triggered when a certain percentage of the total quantity for a role with this quantity being fixed at the creation o...

Role might be granted and revoked at the same block to manipulate the role supply and result in incorrect behavior of relative strategy

Lines of code Vulnerability details Impact There is a potential issue where a role can be granted, votes can be cast, and then the role can be revoked in the same block. This can lead to incorrect behavior of relative strategy in manipulating the vote supply. The problem arises because the role...

The signature "V" length is not checked in castApprovalBySig, CastDisapprovalBySig & createActionBySig

Lines of code Vulnerability details Impact The length of the "v" value in the signatures is not checked. V must correspond according to ECDSA principles values of either 27 or 28. Not checking this will result in an attacker crafting a malicious v value and bypassing any checks, withdrawing funds...

[ H ] In executeAction function, ETH can remain stuck after reverting due to a failed call.

Lines of code Vulnerability details Impact If and when the executeAction function reverts at either of the checks, the amount of ETH sent along with the call will be locked in the contract forever, with no current measures of recovery. Proof of Concept executeAction is called, but the call fails ...

FRONT-RUNNING SUSCEPTIBILITY IN ADDBID()

Lines of code Vulnerability details Impact Auction.addBid is susceptible to front-running attacks. This vulnerability presents a significant risk as participants with adequate knowledge or skill could manipulate Ethereum transaction ordering to gain undue advantage, potentially compromising the...

Manager and DEFAULT_ADMIN_ROLE can create a scenario where user deposits more than he is permitted to withdraw

Lines of code Vulnerability details Impact manager and DEFAULTADMINROLE can update conflicting values as max deposit limit and max withdrawal limit, where maxDepositAmount is than maxWithdrawAmount. Users will be able to deposit more than they are permitted to withdraw. considering the extremes i...

accountsMap[ADMIN] not set in initialize function of StaderConfig contract

Lines of code Vulnerability details Impact When initializing the StaderConfig contract with the initialize function, the admin address is not set in accountsMapADMIN variable, so the getAdmin function will return address0. This will cause the loss of the ownership of the VaultProxy contract as it...

MISSING ACCESS CONTROL AND MISSING LOGICAL CHECKS IN PENALTY.sol

Lines of code Vulnerability details Impact In the penalty.sol contract anyone can call the markValidatorSettled... function to clear the penalty of an erring validator. Proof of Concept Anyone can clear the penalty of an erring validator without by calling markValidatorSettled... as the function...

Problem with Day values

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. In solidity, block.timestamp makes use of seconds in calculating time but in the highlighted codes, the stated period and their comments was miscalculated. 7200 was referred to as 24 hours and was used...

The claim() function has a reentrancy vulnerability

Lines of code Vulnerability details Impact The claim function has a reentrancy vulnerability . In the function, the UtilLib.sendValue function is called before emitting the Claimed event. This violates the "check-effect-interaction" model, which is a best practice for secure smart contract...

User with large stacked ETH can deny other stacker from withdrawing.

Lines of code Vulnerability details Description The withdraw flow of Stader splitted in two steps, first the user has to requestWithdraw by passing his owned ETHx amount which add a new record to userWithdrawRequestsnextRequestId, second, finalizeUserWithdrawalRequest got called by any user to...