amountAvailableForStaking() not fully utilized with compoundedAvaxNodeOpAmt easily forfeited

Lines of code Vulnerability details Impact The mitigated step is implemented at the expense of economic loss to both the node operators and the liquid stakers if compoundedAvaxNodeOpAmt ggAVAX.amountAvailableForStaking after all due to situations like liquid stakers have been actively calling...

Mitigation Confirmed for Mitigation of H-06 Issue mitigated

C4 issue H-06: MinipoolManager: node operator can avoid being slashed Comments In the original implementation, there were a few scenarios where malicious node operators can avoid being slashed. Mitigation PR 41 This PR includes mitigation for various issues H-03, H-06, M-13. Just focusing on the...

There is no way to retrieve the rewards from the MultisigManager and rewards are locked in the vault.

Lines of code Vulnerability details C4 issue M-21: Division by zero error can block RewardsPoolstartRewardCycle if all multisig wallet are disabled. Comments The protocol provides an external function startRewardsCycle so that anyone can start a new reward cycle if necessary. Before mitigation,...

MiniPool.Count state is not fully cleaned up

Lines of code Vulnerability details Impact MiniCount state is not fully cleaned up Proof of Concept According to the PR that aims to address M-19 code-423n4/2022-12-gogopool-findings235 We removed minipool count entirely, in favor of the new AVAXValidating variable that tracks the amount of AVAX...

Deficiency of slashed GGP amount should be made up from node operator's AVAX

Lines of code Vulnerability details Impact If staked GGP doesn't cover slash amount, slashing it all will not be fair to the liquid stakers. Slashing is rare, and that the current 14 day validation cycle which is typically 1/26 of the minimum amount of GGP staked is unlikely to bump into this...

Upgraded Q -> 2 from #362 [1676219107265]

Judge has assessed an item in Issue 362 as 2 risk. The relevant finding follows: N‑01 Upgradeable contract is missing a gap50 storage variable to allow for new storage variables in later versions --- The text was updated successfully, but these errors were encountered: All reactions...

Upgraded Q -> 2 from #250 [1676238307490]

Judge has assessed an item in Issue 250 as 2 risk. The relevant finding follows: In first place, currentIndex which is of type mappingaddress = uint256 is incremented before using it in line 117. This will cause the implementation to miss the zero index, and start from the second place index 1. T...

Upgraded Q -> 2 from #504 [1676216850158]

Judge has assessed an item in Issue 504 as 2 risk. The relevant finding follows: Incorrect signature check in the validatePaymasterUserOp function --- The text was updated successfully, but these errors were encountered: All reactions...

ERC4626 vault shares can be maliciously inflated

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. The price of ERC4626 vault shares can be maliciously inflated during the first deposit, leading to the loss of assets for next depositors Proof of Concept Provide direct links to all referenced code in...

Wrong first parameter for _calcRewardsEnd when changing reward speed

Lines of code Vulnerability details Impact The function calcRewardsEnd is called with the previousEndTime as first parameter in MultiRewardStaking.changeRewardSpeed, which leads to wrong calculation of the new rewardsEndTimestamp, causing it to be later than it should be. This will lead to more...

Inflation attacks with virtual shares and assets

Lines of code Vulnerability details Impact When the BaseAdapter is empty. Someone can frontrun a user to steal his funds by an inflation attack. Senario Lets say Alice wants to deposit 1 token with decimal 18, so 1e18 units to the vault calling deposit. This is how the attack would unfold. The...

Upgraded Q -> 3 from #648 [1675725284542]

Judge has assessed an item in Issue 648 as 3 risk. The relevant finding follows: 1. Incorrect Minter Address Validation in Mint Function Link : Summary: The mint function in the RabbitHoleReceipt contract does not correctly check the msg.sender address for minter permissions. The onlyMinter...

Upgraded Q -> 2 from #329 [1675575934658]

Judge has assessed an item in Issue 329 as 2 risk. The relevant finding follows: Reentrancy issue on claim for Erc1155Quest There is a reentrancy issue when claiming ERC1155 tokens, that will you reenter before redeemedTokens is updated. Here is the callback Quest.solL114 Stick to the check effec...

User can lose NFT if wrong type is given to add function

Lines of code Vulnerability details Impact If a user when trying to add its NFT to a given subprotocol provide a wrong association type by accident to the add function, the NFT will be transferred to the CidNFT contract but it will not be associated with any protocol type, because of that when th...

The users can't add traits for their CidNFT's

Lines of code Vulnerability details Proof of Concept The CidNFT contract implements the add function for the users to add traits/subprotocol Id's to their CidNFT's. During calling add function, it validates whether the user is the owner of the provided CiDNFT and the user is approved by the owner...

Split vulnerable to preimage attack

Lines of code Vulnerability details Impact A motivated attacker could invest the resources to craft a malicious SplitsReceiver to steal all of a users' pending funds. Proof of Concept This is a non-practical implementation of the attack, but shows by extending the SplitsReceiver array by any numb...

nftAddress can be a malicious NFT

Lines of code Vulnerability details Impact In the subprotocolregistry contract, users are allowed to register any subprotocols. As long as the supportsinterface condition is met. The validity of the nftaddress address is not checked. function register bool ordered, bool primary, bool active,...

Upgraded Q -> 2 from #748 [1675439377792]

Judge has assessed an item in Issue 748 as 2 risk. The relevant finding follows: L MultisigManager doesn't have unregister function MultisigManager.sol contains a hard limit of MULTISIGLIMIT to 10. Meanwhile in the contract, there are functions like registerMultisig, enableMultisig, and...

A Theoretical-Gaming Vulnerability

Lines of code Vulnerability details Impact There is a theoretical-gaming vulnerability in the project. Currently, users are able to set up a graph in which money should flow from one vertex to another. The user sets the split configuration on their account and there is a public function...

SubprotocolRegistry accepts empty string as protocol name

Lines of code Vulnerability details Impact The input sanitization statements in SubprotocolRegistry.sol's register function are: function register bool ordered, bool primary, bool active, address nftAddress, string calldata name, uint96 fee external // ... if !ordered || primary || active revert...

Upgraded Q -> 2 from #783 [1675429188655]

Judge has assessed an item in Issue 783 as 2 risk. The relevant finding follows: restakeGGP doesn't have whenNotPaused modifier At line 319 stakeGGP has whenNotPaused modifier, while restakeGGP has not. Suggest to add the same modifier to restakeGGP. --- The text was updated successfully, but the...

Upgraded Q -> 2 from #854 [1675461747744]

Judge has assessed an item in Issue 854 as 2 risk. The relevant finding follows: When the protocol is paused, all the multisigs are disabled:, However, it is still possible to call startRewardsCycle in the RewardsPool, however, the execution will revert because the enabled count is 0: --- The tex...

[H-01] Reentrancy attack is possible when using ERC777 tokens in DripsHub

Lines of code Vulnerability details H-01 Reentrancy attack is possible when using ERC777 tokens in DripsHub Impact: Some ERC20 tokens implement the EIP 777 interface including the tokensToSend hook, which performs a callback to the user from which tokens will be transferred before the tokens are...

Unchecked that address to is not 0

Lines of code Vulnerability details Impact Sanity checks checking that funds are not going to the burn address should be done. In this case in the function swap, funds will not burn because you have to return the flashloan but the check should be made Tools Used manual Recommended Mitigation Step...

mint() function logic will break with fee-on-transfer(deflationary) tokens

Lines of code Vulnerability details Impact with deflationary token mint function never succeed Proof of Concept mint function checking if balanceAfter totalLiquidity revert CompleteUtilizationError; // next check is for the case when liquidity is borrowed but then was completely accrued if...

Unprotected Ether Withdrawal

Lines of code Vulnerability details Description Due to missing or insufficient access controls, malicious parties can withdraw some or all Ether from the contract account. This bug is sometimes caused by unintentionally exposing initialization functions. By wrongly naming a function intended to b...

Payment multiple functions do not check the caller

Lines of code Vulnerability details Impact Multiple functions in the Payment contract do not check the caller, for example, an attacker can directly call refundETH to transfer assets in the contract function refundETH external payable //@audit if addressthis.balance 0...

Upgraded Q -> M from #819 [1675276650768]

Judge has assessed an item in Issue 819 as M risk. The relevant finding follows: If we are going with this specific impact, looks like scenario 2 is valid - but does depend on Rialto making that mistake, so would say that is Medium. This is a duplicate, the primary issue being 723 --- The text wa...

First depositor can manipulate the invariant of a pool

Lines of code Vulnerability details Impact someone can call deposit upon pool creation, with a custom liquidity variable and small first deposit to change the behaviour of the pool, as a way to attack the protocol. even if a pool is setup and initialized correctly, there is not guaranteed that th...

Malicious user can create a dummy Lendgine contract by mimicing a salt with same encoding format but using a malicious AMM invariant function

Lines of code Vulnerability details Impact Lendgine contract address is created using a salt that is generated by a hash of pool parameters in Factory.sol. A malicious user can create a Lendgine exploit contract that uses the salt generated by exact same encoding but this contract inherits a Pair...

Successful get balance request to victim contract from attack contract and also costing the victim contract gas fees

Lines of code Vulnerability details Impact Successful get balance request to victim contract from attack contract and also costing the victim contract gas fees One can view the balance of the victim's contract without permission. URL:...

withdrawFee() can be called indefinitely

Lines of code Vulnerability details The function withdrawFee does not account whether the fees have already been collected or not, therefore it can be called multiple times or even indefinitely, until the contract balance reaches zero. All funds will be transferred to the protocolFeeRecipient, bu...

hash and signature_ can be obtained from the mempool when recoverSigner is executed

Lines of code Vulnerability details In the QuestFactory.sol contract, an attacker can monitor the mem pool and obtain the values of hash and signature which the other user has provided to the function Proof of Concept 210-213: function recoverSignerbytes32 hash, bytes memory signature public pure...

Replayable signature in the mintReceipt function

Lines of code Vulnerability details Description In the mintReceipt function there is a check of the claimSignerAddress signature: if keccak256abi.encodePackedmsg.sender, questId != hash revert InvalidHash; if recoverSignerhash, signature != claimSignerAddress revert AddressNotSigned; The signatur...

Wrongly implemented modifier allow anybody to mint receipts.

Lines of code Vulnerability details Impact Quest rewards can be claimed by anybody without completing any task. RabbitHoleReceipt.onlyMinter modifier purpose is to allow only designated addresses to mint new receipts like QuestFactory smart contract. But since the input is not validated anybody c...

Bad implementation in minter access control for RabbitHoleReceipt and RabbitHoleTickets contracts

Lines of code Vulnerability details Both RabbitHoleReceipt and RabbitHoleTickets contracts define a mint function that is protected by a onlyMinter modifier: RabbitHoleReceipt: function mintaddress to, string memory questId public onlyMinter tokenIds.increment; uint newTokenID = tokenIds.current;...

Mitigation of M-07: Issue not mitigated

Lines of code Vulnerability details Mitigation of M-07: Issue not mitigated --- The text was updated successfully, but these errors were encountered: All reactions...

Mitigation of M-06: Issue not mitigated

Lines of code Vulnerability details Mitigation of M-06: Issue not mitigated --- The text was updated successfully, but these errors were encountered: All reactions...

Mitigation of M-02: Issue not mitigated

Lines of code Vulnerability details Mitigation of M-02: Issue not mitigated --- The text was updated successfully, but these errors were encountered: All reactions...

Mitigation of M-02: Issue not mitigated

Lines of code Vulnerability details The sponsor appears to confirm Medium severity, but did not provide any PRs addressing it, so the same issue remains in the new code. --- The text was updated successfully, but these errors were encountered: All reactions...

Loss of ETH for proposer when it is a contract that doesn't have fallback function.

Lines of code Vulnerability details The issue that is described in code-423n4/2022-12-tessera-findings40 was not mitigated and still applies like it is described there. --- The text was updated successfully, but these errors were encountered: All reactions...

Orders may not be fillable due to missing approvals

Lines of code Vulnerability details The issue that is described in code-423n4/2022-12-tessera-findings36 was not mitigated and still applies like it is described there. --- The text was updated successfully, but these errors were encountered: All reactions...

Gas Optimizations

See the markdown file with the details of this report here. --- The text was updated successfully, but these errors were encountered: All reactions...

[H-01] Lack of access control allow attacker to transferTokenPositionFrom()with other user's wallet balance

Lines of code Vulnerability details Impact This issue allows anyone to transferTokenPositionFrom and steal almost all their wallet balances for all the users who have approved the contract before. Proof of Concept Funds are transferred from the from parameter, and the output tokens are transferre...

User can open position without depositing tokens

Lines of code Vulnerability details Impact User can mint long/short tokens without depositing anything. This is because the function on LN 172 doesn't check the contents of the returned data from the function, and the function doesn't verify that the contract has indeed received the expected...

All Transfer Hooks have incomplete checks which might lead to transactions reverting

Lines of code Vulnerability details Impact Due to not checking that the ids array and amounts array are same , if given the two arraya of non-equal length it might lead to incorrect token transfers and unwanted transaction reverts. Proof of Concept According to the EIP specification the ids array...

Mismatch in if statement check for long0, long1 and shortAmount

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. As stated in the comment of the lines referenced below, long0Amount and long1Amount could be zero but the code is wrongly implemented which could lead to unexpected behavior of the code. The 'shortAmoun...

reentrancy in TimeswapV2Option.collect()

Lines of code Vulnerability details Impact collect function doesn't respect the check-effect-interaction pattern, where in the case if a param.data is provided it makes an external call to the caller, right after that, it updates option short amount state. in the case if the caller calls back int...

STORAGE LOCATION OF liquidityPosition OF ONE USER IS OVERWRITEN BY THE liquidityPosition OF ANOTHER USER

Lines of code Vulnerability details Impact In the pool.sol contract under the transferFees function, the pool liquidity position of the msg.sender is assigned to the storage variable liquidityPosition. And this liquidityPosition is updated for new fee allocation and fee burning. The transaction f...

Upgraded Q -> H from #296 [1674743769839]

Judge has assessed an item in Issue 296 as H risk. The relevant finding follows: Lines of code Vulnerability details A malicious liquidator could cause the NFT auction to fail and steal the collateral after end of auction. Impact Anyone can act as a liquidator and trigger the liquidation of the...