LP pricing formula is vulnerable to flash loan manipulation
Lines of code Vulnerability details Impact The LP pricing formula used in the buyQuote, sellQuote, addQuote, removeQuote functions of Pair.sol contract is vulnerable to flash loan manipulation. Proof of Concept The baseTokenReserves calculates the current balance of base token reserves. This...
MEV searchers can capture slippage tolerance on pool creation
Lines of code Vulnerability details Impact In the current Caviar protocol, anybody can supply initial liquidity to a newly created pool. An LP who intends to create a new pool and add liquidity could execute the following transactions: 1. LP transaction 1: pair = Caviar.create 2. LP transaction 2...
Merkle root of zero bypasses validation
Lines of code Vulnerability details Impact The merkle root validation happens with this require in validateTokenIds. If the merkle root is zero, this check is skipped. Proof of Concept This require validates that the merkle root is valid. This code is never reached if merkleRoot == bytes230 becau...
Pair.sol:close() does not recover any of the base token / liquidity tokens before destroying it
Lines of code Vulnerability details Impact If the pair holds any of the native or any other liquidity tokens, they can never be recovered if the pair is destroyed. Proof of Concept The owner has special rights to destroy the pair if it is compromised. But before destroying it, it does not recover any of the toke...
Attacker can DOS OptimisticListing with very low cost
Lines of code Vulnerability details Impact The only check on a new proposal is that it is priced lower than the existing proposal. It does not constrain on the collateral supplied except it will revert in verifyBalance if set to 0. Anyone can block normal proposal creation by creating a proposal...
buyQuote should be rounded up
Lines of code Vulnerability details Impact The buyQuote is not rounded up, which can cause a leak of value, due to the buyQuote being underestimated. Proof of Concept The function Pair.buyQuote does not round up, which can cause the issue described under Impact: function buyQuoteuint256...
Price manipulation by sending Ether
Lines of code Vulnerability details Price manipulation by sending Ether not profitable although The function Pair.price uses Pair.baseTokenReserves uses address(this).balance or ERC20(baseToken).balanceOf(address(this)). In case address(this).balance is used when address(0) is passed, there can be price...
Loss of ETH for proposer when it is a contract that doesn't have fallback function.
Lines of code Vulnerability details Description sendEthOrWeth is used in several locations in OptimisticListingSeaport: 1. rejectProposal - sent to proposer 2. rejectActive - sent to proposer 3. cash - sent to msg.sender This is the implementation of sendEthOrWeth: function...
Reentrancy in GroupBuy.purchase allows buying NFT twice
Lines of code Vulnerability details Impact In GroupBuy.purchase, poolInfopoolId.success which prevents buying the same NFT again is only set to true after the sale was executed. This can be exploited by reentering in the following line: address vault = IMarketBuyermarket.executevalue:...
Compromised or malicious owner of GovNFT contract can call _bridgeMint function on Chain A to block a Governance NFT's holder from bridging such NFT from Chain B to Chain A
Lines of code Vulnerability details Impact After a Governance NFT is minted and transferred to a user on Chain A, this user can bridge it to Chain B. Afterwards, because this NFT is already burned on Chain A, the owner of the GovNFT contract, who can possibly become compromised or malicious, can...
Governance NFT holder, whose NFT was minted before Trading._handleOpenFees function is called, can lose deserved rewards after Trading._handleOpenFees function is called
Lines of code Vulnerability details Impact Calling the following Trading.handleOpenFees function does not approve the GovNFT contract for spending any of the Trading contract's tigAsset balance, which is unlike calling the Trading.handleCloseFees function below that executes...
Unable to release funds deposited through Lock-extendLock
Lines of code Vulnerability details Impact Users depositing tig assets to the bondNFT through the Lock contract could find themselves unable to release their funds. The only explanation the user would receive is an "Arithmetic over/underflow" error. This issue greatly deteriorates the user...
Attacker can disable contract functionality
Lines of code Vulnerability details Impact Current setup of the protocol is vulnerable to a DoS attack. This can be achieved by anyone calling initialize on the implementation VRFNFTRandomDraw contract. With the implementation contract initialized the created clones cannot be re-initialized and...
IERC20.transfer does not support all ERC20 token
Lines of code Vulnerability details Impact Proof of Concept Tokens like USDT are known for using non-standard ERC20. Missing return boolean on transfer. Contract function handleDeposit will always revert when trying to transferfrom this kind of token. Tools Used manual review Recommended Mitigation Step...
Minter privilege escalation vulnerability
Lines of code Vulnerability details Impact The contract owner could potentially abuse their privileges to manipulate the token supply and undermine the integrity of the token economy. Proof of Concept The 'setMinter' function in the contract allows the contract owner to set the minter status for...
GovNFT contract's owner can stop Governance NFT holders from receiving more rewards from trades' DAO fees, and such reward amounts can remain in Trading contract without belonging to anyone
Lines of code Vulnerability details Impact According to , "Profits from trading fees are paid out to Governance NFT holders in real-time...Rewards are paid out in Tigris stablecoins." However, for some legitimate reasons, such as if the corresponding Tigris stablecoin has a bug, or if the owner o...
Choosing a cheap gas lane may result in no winners
Lines of code Vulnerability details Impact The drawer can choose whichever gas lanekeyHash they like. Giving this choice to the drawer may result in no winners if the network is congested and the drawer chooses a cheap gas lane. Recommended Mitigation Steps Check the options of keyHashes that can...
Raffle is fair only if tokenRange is a power of 2.
Lines of code Vulnerability details Impact Based on the contract logic, the raffle works by sampling a value $ x \in \mathbb{Z} \mid 0 \leq x \lt 2^{256} $ aka uint256 from a uniform distribution provided by Chainlink VRF, then applying modulo tokenRange, generating a new value $ y \in \mathbb{Z} \mid 0 \leq...
Lack of validation on price feeds
Lines of code Vulnerability details Impact Lack of validation on Chainlink price feeds may result in incorrectly functioning or non-functioning protocol. For example: during high volatility a price feed may be suspended or become stale; on L2 networks the sequencer might be down on L2 networks th...
Wrong update of stoploss in TradingExtension._limitClose()
Lines of code Vulnerability details Impact TradingExtension.limitClose returns a wrong stoploss which is favorable for users and it would be a significant loss for the protocol. Proof of Concept TradingExtension.limitClose is used to set takeprofit/stoploss prices for the pending order and execut...
Users can get free collateral when using non-reverting on failure baseTokens
Lines of code Vulnerability details Impact A user calling Collateral's deposit function when baseToken is a non-reverting on failure ERC20 token, can get an arbitrary amount of collateral without actually depositing a single base token in the contract. function depositaddress recipient, uint256...
Insufficient support for fee-on-transfer type of ERC20
Lines of code Vulnerability details Some ERC20 token implementations have a fee that is charged on each token transfer. This means that the transferred amount isn't exactly what the receiver will get. A call to IERC20token.transferrecipient, 100 with a fee-on-transfer FOT of 5% will entitle the...
Unsafe downcasting in TWA.sol truncate TWAP price
Lines of code Vulnerability details Impact Unsafe casting operation in TWA.sol truncation price. Proof of Concept The pool relies on the TWAP price to function properly; however, the code in TWA.sol silently downcasts the price, which can truncate the price and affect user's trading unexpectedl...
Mint might result in too few tokens minted
Lines of code Vulnerability details mint of PrePOMarket.sol allows the team to mint new short and long tokens in exchange for collateral tokens. Long and short tokens are default ERC20 tokens with 18 decimals, while the collateral ERC20 token uses the decimals of the underlying base token. Howeve...
function mint() in PrePOMarket shouldn't accept deposits after expiryTime of Market
Lines of code Vulnerability details Impact Function mint mints Long and Short tokens in exchange for amount collateral and according to the comment in the IPrePOMarket: "Minting is not allowed after the market has ended." but there is no check or restriction in the code to make sure minting ...
position's wrong profit and loss or incorrect distribution of funds in contract PrePoMarket because it doesn't consider expiryTime for setting the value of finalLongPayout and calculating redeem amounts based on positions and Markets never expire
Lines of code Vulnerability details Impact according to the docs: "The expiry date of the market. If a market has not settled by its expiry date, it will automatically settle at the lower bound of its Valuation Range." but Contract PrePOMarket doesn't consider expiryTime in its logic and...
Missing modifiers in the functions of several parent contracts
Lines of code Vulnerability details Impact The value can be set by everyone Proof of Concept All these functions can be overridden by the child contracts. If all these functions are called from the child contracts, there are modifiers restricting everyone to call the functions. However, all these...
WithdrawHook doesn't check that userWithdrawLimitPerPeriod is less than globalWithdrawLimitPerPeriod
Lines of code Vulnerability details Impact WithdrawHook doesn't check that userWithdrawLimitPerPeriod is less than globalWithdrawLimitPerPeriod. It allows a user to withdraw more than globalWithdrawLimitPerPeriod per period. Proof of Concept Function WithdrawHook.hook should not allow to withdraw...
underflow in the getPrice() function can block the buy and refund in the LPDA sale
Lines of code Vulnerability details Impact In the LPDA sale the price decrease in values after each second, and when creating the sale the value of the lowest price possible is not checked, so the price could go below zero at a given timestamp which will lead to an underflow in the getPrice...
overflow in buy function
Lines of code Vulnerability details Impact The function doesn't check if the input is more than the supply. Proof of Concept The function doesn't have any condition check of amount. Tools Used manually Recommended Mitigation Steps Check the input for maximum or requirement for max supply
Decimals of the oracle is not checked
Lines of code Vulnerability details Impact Decimals of the Chainlink oracle is not checked, it is assumed to have the same unit as BASECURRENCYUNIT but it might not always be the case. If the oracle uses a different number of decimals, all the prices will be wrong by magnitudes. Proof of Concept...
Use of payable.transfer() may lock user funds
Lines of code Vulnerability details Impact The use of payable.transfer is heavily frowned upon because it can lead to the locking of funds. The transfer call requires that the recipient has a payable callback, only provides 2300 gas for its operation. This means the following cases can cause the...
NFTs mintable after Auction deadline expires
Lines of code Vulnerability details Impact The buy function on the LPDA.sol contract is not validating if the auction is still running, allowing a purchase to be made after the stipulated time. The endtime variable used to store the end date of the auction is not used at any point to validate...
Some arbitrary feeders will not be removable, even by admin.
Lines of code Vulnerability details Description NFTFloorOracle receives data from different "feeders". They are added using addFeeders and removed by removeFeeder. Feeders are managed by two data structures. feeders is an array, each element in the address of the feeder. feederPositionMap maps...
There isn't an end time on FixedPrice and LPDA sales, and the sale can't be canceled after the sale start.
Lines of code Vulnerability details Impact The sale can't be canceled after the sale start. Moreover, the sale won't end, which contradicts the fact that typical NFT sales nowadays have an end time. Even your OpenEdition has an end time. Proof of Concept struct Sale // slot 1 uint48 currentId;...
Upgraded Q -> M from #366 [1670366212013]
Judge has assessed an item in Issue 366 as M risk. The relevant finding follows: 1. Not support fee-on-transfer tokens Every tokens of credit line will be transferred from lender to LineOfCredit first, then to borrower later. These 2-transfer steps will make the tax for some fee-on-transfer token...
Missing msg.value when executing the cross-chain request
Lines of code Vulnerability details Impact the cross-chain request will not support smart contract that requires ETH payment in destination chain on execution side. Proof of Concept When a user relayers call and performs a cross-chain request, the executor needs to execute the request in the...
ProcessedCalls Event Emission Vulnerability
Lines of code Vulnerability details Summary The contract is vulnerable to reentrancy attacks through the ProcessedCalls event. The event is emitted with the ticketId of the newly created retryable ticket, which can be used by an attacker to reenter the contract. Impact An attacker could exploit...
CrossChainRelayerArbitrum contract: GasLimitTooHigh revert error not caught
Lines of code Vulnerability details Summary The relayCalls function in the CrossChainRelayerArbitrum contract reverts when the gasLimit parameter is greater than the maxGasLimit, but it does not have a catch block to handle the error. As a result, the transaction will fail without providing any...
Possible DoS On executeCalls() function
Lines of code Vulnerability details Impact The contract can be in a state of DoS as the function executeCalls would consume all the gas as there is no upper limit on the number of calls that can be inside the array calls. Proof of Concept In the function here it performs a for loop and loops throu...
Replay Attack possible by processCalls function
Lines of code Vulnerability details Impact Calls can be processed multiple times Proof of Concept The processCalls function uses the require function to check whether the nonce and calls values have been relayed, but it does not check whether the sender value is the same as the msg.sender value...
Potential reentrancy attack
Lines of code Vulnerability details Impact There is a potential of reentrancy attack in executeCalls in EthereumToArbitrumExecutor.sol since CallLib is making an external call with its executeCalls and we do not know the implementation of the contract that will be called eventually. The same issu...
Upgraded Q -> M from #205 [1669936745167]
Judge has assessed an item in Issue 205 as M risk. The relevant finding follows: L01 - No check if EOARepresentative or EOARepresentativeOfNodeRunner is an EOA or a smart contract Impact A smart contract can end up being assigned as a smartWalletRepresentative. Such smart contract might not have...
distributeFees did not check if tokenId exist can lead to loss of asset
Lines of code Vulnerability details Impact distributeFees did not check if tokenId existed, can lead to loss of asset Proof of Concept inside Turnstile.sol file, the distributeFees function did not check if the tokenId exist or not. 148: function distributeFeesuint256 tokenId public onlyOwner...
compound could be used by uniswap stakers to maximize fees for AutoPxGmx users
Lines of code Vulnerability details Impact Anyone can call AutoPxGmx::compound. Hence a staker in the 10000 1% fee uniswap pool can call compound with that pool and take a larger fee from AutoPxGmx users maximizing their gains and griefing users. Proof of Concept fee chooses which uniswap pool to...
Price manipulation can lead to users losing funds
Lines of code Vulnerability details H Price manipulation can lead to users losing funds Impact Early malicious user will profit from future users' deposits while future users will lose funds/value. Proof of Concept An early user can call the deposit function of any of the ERC4626 vaults with...
A malicious early user/attacker can manipulate the pxGmx's pricePerShare to take an unfair share of future user's deposits
Lines of code Vulnerability details Impact An attacker/early user can deposit 1 wei in the vault and increase the price per share by sending a very high value of the underlying directly to the vault, causing next vault depositors to: not be able to deposit less than the very high share price set ...
Rewards calculation does not consider GMX reward rate fluctuation
Lines of code Vulnerability details Impact The current time based px rewards calculation system is not accurate, and not fair for users. Due to GMX protocol reward rate fluctuation, px users stake and claim at different time could get less or more rewards they deserve. Some users could abuse the...
Add reward token existence check in order to avoid user reward lost.
Lines of code Vulnerability details Impact The user can lose his rewards if the reward token is removed from the producerTokensproducerToken.rewardTokens list. If the reward token is removed, the rewardToken length is going to be zero, the user rewards are going to be zero and the for statement will...
evm_hooks ignores some important errors
Lines of code Vulnerability details Impact Some contracts and some Turnstile tokens nfts will not be able to receive CSR fees forever. Proof of Concept In evm_hooks.go, the PostTxProcessing will call h.processEventsctx, receipt to handle Register and Assign events from Turnstile contract first:...