10190 matches found
Unchecked transfer/transferFrom return can lead to protocol loss of funds
Lines of code Vulnerability details Impact It is good to add a require statement that checks the return value of token transfers or to use something like OpenZeppelin's safeTransfer/safeTransferFrom unless one is sure the given token reverts in case of a failure. Failure to do so will cause silen...
Failed callhook will freeze user funds permanently
Lines of code Vulnerability details Impact If the call hook fails while finalizing the Inbound transfer, user funds will be locked forever with no way to retrieve them. This could cause huge fund loss for users moving funds from L1 to L2. Proof of Concept 1. User A makes a transfer from L1 to L2 using...
ERC20 return values not checked
Lines of code Vulnerability details Vulnerability details Some tokens like USDT don't correctly implement the EIP20 standard and their transfer/transferFrom function return void instead of a success boolean. Calling these functions with the correct EIP20 function signatures will always revert...
Upgraded Q -> M from 418 [1665255821676]
Judge has assessed an item in Issue 418 as Medium risk. The relevant finding follows:
The L1GraphTokenGateway does not work on non-standard compliant tokens like USDT
Lines of code Vulnerability details Vulnerability details The L1GraphTokenGateway function uses the standard IERC20 function for the transfer call and proceeds with a checkReturnCode function to handle non-standard compliant tokens that don't return a return value. However, this does not work as...
Upgraded Q -> M from 193 [1665109261242]
Judge has assessed an item in Issue 193 as Medium risk. The relevant finding follows:
Upgraded Q -> M from 657 [1664812795523]
Judge has assessed an item in Issue 657 as Medium risk. The relevant finding follows:
Upgraded Q -> M from 657 [1664812805667]
Judge has assessed an item in Issue 657 as Medium risk. The relevant finding follows:
Upgraded Q -> M from 657 [1664812813577]
Judge has assessed an item in Issue 657 as Medium risk. The relevant finding follows:
After pool is initialized, user can perform a sandwich attack through front-running and back-running mint transaction by calling swap function twice to manipulate initial price to be much different than market price and gain much more of output token than expected
Lines of code Vulnerability details Impact After the following initialize function is called, the pool does not own any of the tokens at that moment since the mint function below is not called yet. When the mint transaction is sent, a malicious user can notice it in the mempool and front-run it b...
AlgebraPoolDeployer.sol#L50-L51 : After the pool deployment, the memory of "parameters's" members are not cleaned.
Lines of code Vulnerability details Impact As the memory of previous members are not cleared, this can cause unexpected result when deploying subsequent pools. Proof of Concept. parameters = ParametersdataStorage: dataStorage, factory: factory, token0: token0, token1: token1; pool = addressnew...
Missing slippage control system. Users may lose a lot of funds due to front-running MEV bots.
Lines of code Vulnerability details Impact Missing slippage control system. Users may lose a lot of funds due to front-running MEV bots. It has liquidityDesired or amountRequired but these parameters are only used in output amount calculation. It isn't used to prevent the output amounts from...
Frontrunning initialize to negatively affect first liquidity provider possible
Lines of code Vulnerability details Impact The initialize-function of an AlgebraPool can be frontrun to set an arbitrary initial price. This will negatively affect the first person to add liquidity to the pool. Proof of Concept There are no restrictions on the AlgebraPool.initializeprice function...
Type Error
Lines of code Vulnerability details Impact Type Error Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Tools Used Foundry - Forge Recommended Mitigation Steps Consider changing uint to int and ...
Minting LP for a token pair that contains a fee on transfer token will cause partial loss of funds for other token in pair
Lines of code Vulnerability details Impact Partial loss of funds for other token in pair with fee on transfer token Proof of Concept AlgebraPool.solL458-L467 liquidityActual = liquidityDesired; if receivedAmount0 amount0 liquidityActual = uint128FullMath.mulDivuint256liquidityActual,...
getOrCreatePosition doesn't work as expected
Lines of code Vulnerability details getOrCreatePosition doesn't work as expected Impact Function getOrCreatePosition doesn't assign any value to positions, it just return the value from some key, leading to incorrect expected values and wrong functionality Proof of Concept function...
User can steal output token when input token is a rebasing token in which algebraSwapCallback can be called to expand total supply of the rebasing token
Lines of code Vulnerability details Impact When calling the swap function below, the following swapCallback function is further called for calling the algebraSwapCallback function in the callee contract that is msg.sender; such contract does not have to be a shared router and can be separately...
AlgebraPool.sol#L488 : onlyValidTicks modifier is missing for function
Lines of code Vulnerability details Impact Invalid ticks can be allowed for collection. Proof of Concept function collect address recipient, int24 bottomTick, int24 topTick, uint128 amount0Requested, uint128 amount1Requested external override lock returns uint128 amount0, uint128 amount1 Position...
After a swap, user can lose input token amount while receiving no output token amount when output token becomes non-existent
Lines of code Vulnerability details Impact When calling the swap function below, the following safeTransfer function is further called for transferring the corresponding value of token from the pool to the recipient. Note that safeTransfer does not check for the existence of the token contract...
Lack of check for contract existence can cause loss of funds during transfers
Lines of code Vulnerability details Impact The current transfers will not check if the to address is for an existing token contract. This can cause loss of funds if a user attempts to make a swap for a token added to a pool and destructed later. Proof of Concept TokenA gets added to a pool The...
Anyone who is malicious can front-run initialize transaction to set pool's initial price to a value that deviates quite a lot from market price, which discourages users from using the pool and makes the pool useless
Lines of code Vulnerability details Impact Calling the following initialize function sets the initial price for the pool. Setting the initial price to be similar to the current market price would encourage users to use the pool. Yet, the initialize transaction is vulnerable to front-running. For...
It is possible that, after swapping, extra input token amount is transferred from user to pool but pool does not give user output token amount that corresponds to the extra input token amount
Lines of code Vulnerability details Impact When calling the swap function below, the following swapCallback function is further called for calling the algebraSwapCallback function in the callee contract, which is msg.sender; such contract could be implemented by a third party especially for...
fake flash loan can grief the pool
Lines of code Vulnerability details there is a scenario where an attacker/griefer can use flash function and trick the pool to think he has paid the flash and the fee while he was only paying back the flash. about double/multiple erc20 tokens : some erc20 tokens have multiple entry points . those...
Variables used in the assembly have not been cleaned up
Lines of code Vulnerability details Description There is function getOrCreatePosition from AlgebraPool contract and function nextTickInTheSameRow from TickTable library. Both of them accept int24 parameters and process them inside of assembly. According to Solidity documentation, there is no...
AlgebraPool.sol#L501-L507 : position.fees are updated without checking whether the amount value is greater than zero or not
Lines of code Vulnerability details Impact Incorrect fee update if any one of the amount is zero. Proof of Concept if amount0 | amount1 != 0 position.fees0 = positionFees0 - amount0; position.fees1 = positionFees1 - amount1; if amount0 0 TransferHelper.safeTransfertoken0, recipient, amount0; if...
Swaps could be blocked temporarily
Lines of code Vulnerability details Impact In the swap and swapSupportingFeeOnInputTokens functions the community fee payment is called by the function payCommunityFee. The payCommunityFee will fail if the vault address is 0x0 and all the swap will be reverted by the safeTransfer. The...
[NAZ-M2] Missing Time locks
Lines of code Vulnerability details Impact When critical parameters of systems need to be changed, it is required to broadcast the change via event emission and recommended to enforce the changes after a time-delay. This is to allow system users to be aware of such critical changes and give them ...
Initial price for the pool can be set by anyone
Lines of code Vulnerability details Impact The initial price for the pool can be initiated by anyone because no modifier exists to block anyone from calling the initialize function. Proof of Concept function initializeuint160 initialPrice external override requireglobalState.price == 0, 'AI...
The invalid output amount is not checked while swapping
Lines of code Vulnerability details Impact The invalid output amount is not checked while swapping. If calculateSwapAndLock returns a positive amount for both amount0 and amount1, the user may need to pay both input and output tokens to the pool resulting in the loss of funds. Proof of Concept...
Incorrect volatility on range calculation
Lines of code Vulnerability details Impact Incorrect calculation of volatility impairs the adaptive swap fee calculation. Actual swap fees may be bigger or smaller than expected. Proof of Concept According to the Tech Paper, volatility during the period $\Delta t$ is calculated as follows:...
Output token shouldn't be pulled from the caller in the swap
Lines of code Vulnerability details Impact Output token shouldn't be pulled from the caller in the swap. Since the output token shouldn't be sent to the caller when performing a swap as it is the token that the user should receive, it will always revert if the amount of output token...
The protocol doesn't support fee-on transfer tokens
Lines of code Vulnerability details Impact There are ERC20 tokens that may make certain customizations to their ERC20 contracts. One type of these tokens is deflationary tokens that charge a certain fee for every transfer function. So if the implementing contract doesn't take this fee into...
Infinite loop can lead to denial of service
Lines of code Vulnerability details Impact Infinite loop can lead to denial of service Proof of Concept Tools Used None. Recommended Mitigation Steps Refactor code if it is possible.
Use of globalState.unlocked state change outside lock modifier allows for Re-entrancy which would cause huge loss to pool
Lines of code Vulnerability details I guess I can put this into one report since the issue affects two separate functions in a contract. Impact The functions AlgebraPool.swap and AlgebraPool.swapSupportingFeeOnInputTokens attempt to not use the lock modifier to update the globalState.unlocked sta...
initialize function can be frontrunnable
Lines of code Vulnerability details Impact The initialize function has no access control implemented. Anyone can call the function. Due to this, an attacker may be able to frontrun the function and may cause unintended issues. Proof of Concept Tools Used Manual review Recommended Mitigation Steps...
Attackers can prevent the creation of pools
Lines of code Vulnerability details Impact A malicious attacker can permanently prevent users from creating pools of certain token pairs. Proof of Concept The deploy function in AlgebraPoolDeployer.sol uses a salt while deploying a new AlgebraPool: 44: function deploy 45: address dataStorage, 46:...
[NAZ-M3] initialize() Can be Front-Run
Lines of code Vulnerability details Impact AlgebraPool.sol is deployed and initialized in two different transactions. This allows an attacker to be able to front-run the AlgebraPool.sol's initialize after it's deployed. Proof of Concept The attacker can do this for two different reasons: 1. Price =...
Frontrunning the initialize function can drain the LP initial deposit
Lines of code Vulnerability details Impact An attacker can frontrun the initialize function in AlgebraPool.sol to set an unexpected price and can cause loss of funds for the initial LP deposit. Proof of Concept function initializeuint160 initialPrice external override requireglobalState.price == ...
Missing zero value check in AlgebraPool.initialize() would cause reverts preventing minting and swapping.
Lines of code Vulnerability details Impact The initialize function in AlgebraPool contract sets the globalState price and tick for the Algebra Pool. However, due to a missing check to ensure the price is not set to zero, a revert would occur always when calculating amounts for liquidity in...
tickCumulative may overflow. New timepoints can't be created and the system will be completely broken.
Lines of code Vulnerability details Impact tickCumulative may overflow. New timepoints can't be created and the system will be completely broken. Proof of Concept Write function call createNewTimepoint. createNewTimepoint increases cumulative value. function createNewTimepoint Timepoint memory...
AlgebraPool ERC20 Tokens with fee on transfer are not supported
Lines of code Vulnerability details AlgebraPool ERC20 Tokens with fee on transfer are not supported Vulnerability details There are ERC20 tokens that charge fee for every transfer / transferFrom. TransferHelper.safeTransfer relies on ERC20.transfer AlgebraPool.solswap assumes that the received...
computeAddress does not follow the standard procedure to compute the address. The contract can not create pool for some pairs due to hash collision
Lines of code Vulnerability details Impact Poor source of randomness, an attacker can easily decipher the computed address. The contract can be easily tricked. This can cause hash collision, due to this, for some pairs, the contract can not create pool. Proof of Concept AlgebraFactory.solL123 : T...
Type safety issue in https://github.com/code-423n4/2022-09-quickswap/blob/main/src/core/contracts/libraries/FullMath.sol
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept Tools Used Foundry - forge. Recommended Mitigation Steps change the ln. 59 to uint256 twos = typeuint256.max - denominator + 1 & denominator;
Unprotected address(this) checks allow attacker to delegatecall from another contract to spoof values such as the token balances of AlgebraPool instances
Lines of code Vulnerability details Description: AlgebraPool token balance checks are intended to exclusively read the token balances of the AlgebraPool instance. However, it is possible for an attacker to make a delegatecall into one of the methods reading the token balance, overriding the...
FLASH() FUNCTION HAS STATE UPDATES AFTER A CALLBACK TO MSG.SENDER
Lines of code Vulnerability details In AlgebraPool.sol, the flash function has a callback to the msg.sender in the middle of the function while there are still updates to state that take place after the callback. The lock modifier guards against reentrancy but not against cross function reentranc...
Malicious users can provide liquidity on behalf of others to keep others in the liquidity cooldown
Lines of code Vulnerability details Impact In the AlgebraPool contract, when the user provides liquidity via the mint function, the lastLiquidityAddTimestamp is updated to the current time. position.liquidity, position.lastLiquidityAddTimestamp = liquidityNext, liquidityNext 0 ? liquidityDelta 0 ...
“Just-In-Time” liquidity providing protection can be used to DOS user withdrawals and mints
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept AlgebraPool.solL227-L230 uint32 liquidityCooldown = liquidityCooldown; if liquidityCooldown 0 requireblockTimestamp - lastLiquidityAddTimestamp = liquidityCooldown; The code above from...
IMPORTANT STATE UPDATES ARE MADE AFTER THE CALLBACK IN THE MINT() FUNCTION
Lines of code Vulnerability details In AlgebraPool.sol, the mint function has a callback to the msg.sender in the middle of the function while there are still updates to state that take place after the callback. The lock modifier guards against reentrancy but not against cross function reentrancy...
Integer overflow in AdaptiveFee
Lines of code Vulnerability details Impact You have to take into account that when using a pragma lower than 0.8.X there is no compiler protection against any overflow. The method AdaptiveFee.exp is vulnerable to integer overflows. Proof of Concept Using the following recipe: x = uint256.Max g...
The price can be manipulated when the liquidity is thin because the flashloan feature and swap feature are present at the same time in algebra pool
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. the price curve pool in the application is xy = k with price range and centralized liquidity, when the liquidity is thin, the price can be easily manipulated in favor of a malicious user because the...