
10190 matches found

Code423n4
added 2022/09/23 12:00 a.m. | 4 views

The amountRemaining in withdrawAdmin() Function is Underflow

Lines of code Vulnerability details Impact allocatedTokens can get messed up when the amountRemaining in the withdrawAdmin function is underflowed in rare cases. This will make numTokensReservedForVesting will have a larger amount of funds compared to the funds in the token. This will make it...

AI score: 6.8
Exploits: 0

Code423n4
added 2022/09/23 12:00 a.m. | 10 views

beforeWithdraw() call syncRewards() results in incorrect nextRewards

Lines of code Vulnerability details Impact beforeWithdraw call syncRewards cause the number of "nextRewards" to be incorrect . if a large amount is withdraw at the end of the cycle, then the next cycle reward will incorrectly increase by the corresponding amount Proof of Concept when call...

AI score: 6.6
Exploits: 0

Code423n4
added 2022/09/23 12:00 a.m. | 6 views

Missing sanity check

Lines of code Vulnerability details Impact Missing sanity check on linearVestAmount Proof of Concept 1. Visit here 2. You are missing the sanity check on user inputted linearVestAmount 3. You need add the check on zero amount

AI score: 6.9
Exploits: 0

Code423n4
added 2022/09/22 12:00 a.m. | 12 views

Upgraded Q -> M from 496 [1663882181323]

Judge has assessed an item in Issue 496 as Medium risk. The relevant finding follows:

AI score: 7
Exploits: 0

Code423n4
added 2022/09/22 12:00 a.m. | 8 views

Upgraded Q -> M from 143 [1663859521800]

Judge has assessed an item in Issue 143 as Medium risk. The relevant finding follows: 2.ETHRegistrarController.register can pass any "resolver" and "data" parameters , then ETHRegistrarController do "functionCall " It is possible to pass malicious parameters example : resolver =...

AI score: 6.9
Exploits: 0

Code423n4
added 2022/09/22 12:00 a.m. | 11 views

Upgraded Q -> M from 238 [1663858577471]

Judge has assessed an item in Issue 238 as Medium risk. The relevant finding follows: 2. call should be used instead of transfer on an address payable Sometimes this kind of issue is considered as Medium risk. The use of the deprecated transfer function for an address will inevitably make the...

AI score: 6.8
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 7 views

Attackers can mislead users to think they delegated their voting power to them

Lines of code Vulnerability details Impact The delegation of the voting power in the Crowdfund contract can be changed even after the party is created. If a user changes this delegation, it won't change the actual delegation, which can help attackers to mislead users into thinking they delegated...

AI score: 6.8
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 5 views

fee could round down to 0

Lines of code Vulnerability details Impact fee and memberSupply calculation will be inaccurate. Proof of Concept // contracts/distribution/TokenDistributor.sol 352-353: uint128 fee = supply args.feeBps / 1e4; uint128 memberSupply = supply - fee; When supply is low, fee could round down to 0, whic...

AI score: 6.8
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 15 views

Some of user funds stuck in contract because of division rounding error in beforeWithdraw()

Lines of code Vulnerability details Impact Function beforeWithdraw has been used in withdraw of Vault contract to calculates withdraw amount of users but because of division rounding error in this funds some user's funds would stuck in contract. Proof of Concept This is beforeWithdraw code:...

AI score: 6.6
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 22 views

Unchecked Transfer

Lines of code Vulnerability details High Severity - Unchecked Transfer Line 167 of Vault.sol has an unchecked Transfer. Reference and recommendation from slither. Tools Used: Slither

AI score: 6.9
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 8 views

Owner can use changeTimewindow() in VaultFactory and deny other from depositing into the Vaults (As this parameter used in epoch start Time detection). owner can use this for his/her benefits when he sees there is an good opportunity. changing this parameters should be with time-lock mechanism

Lines of code Vulnerability details Impact Owner can control timewindow of a Vault and epoch and by that he can control deposits of others and owner can deny other from depositing into a Vault by increasing timewindow as if he saw any profit by that. changing this type of parameters should be don...

AI score: 6.8
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 9 views

Non-contributor can force contributors to buy the NFT when the contributors no longer want to

Lines of code Vulnerability details Impact For a hyped NFT that is valuable to some users, these users can become contributors to contribute for this NFT through using the BuyCrowdfund contract. Yet, during the crowdfunding phase, the NFT's value drops sharply in which its price drops to 0. At th...

AI score: 6.7
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 14 views

Unsafe ERC721 operations

Lines of code Vulnerability details Impact It is recommended to use safeTransfer and safeTransferFrom when transferring ERC721 and ERC20 token Tools Used Manual audit Recommended Mitigation Steps Use the safeTransfer and safeTransferFrom functions to transfer ERC721 and ERC20 tokens

AI score: 6.9
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 10 views

First depositor can break share minting

Lines of code Vulnerability details Impact Users will be unable to deposit their wished amount of tokens. Proof of Concept Similar to this ToB yearn audit, an attacker can mint a very small amount of shares and transfer a large amount of WETH to the contract, inflating the share price and making ...

AI score: 6.8
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 7 views

Anyone could steal the funds

Lines of code Vulnerability details Impact Anyone can create a contract. and send all the funds if maximumPrice == 0 or at the list he can get the maximumPrice Proof of Concept Create a contract to send the funds to it Invoke buy on CollectionBuyCrowdfund.sol or BuyCrowdfund And it will transfer...

AI score: 6.9
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 15 views

PegOracle reported fraction price is constructed to favor the depeg

Lines of code Vulnerability details Depeg event is defined as linked asset price being below the strike price in the terms of the underlying asset. However, the PegOracle aimed to report the fraction of the pegged asset to the underlying always reports the number below 1, no matter how prices are...

AI score: 6.6
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 14 views

Problems with PegOracle

Lines of code Vulnerability details Impact There are at least a few problems with the PegOracle. I am grouping them into one submission because some of them are not that significant but the last one I believe deserves a higher severity. 1. Function latestRoundData queries getOracle2Price but...

AI score: 6.8
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 12 views

Eth can be stucked in contract when NFT was gifted to party (AuctionCrowdfund.sol)

Lines of code Vulnerability details Impact We can call function finalize, which will claim the NFT if we won. After claiming the NFT, function will check if contract is the owner of NFT or not. if lastBid == 0 // The NFT was gifted to us. Everyone who contributed wins. lastBid = totalContribution...

AI score: 6.9
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 15 views

Griefing attack on the Vaults is possible, withdrawing the winning side stakes

Lines of code Vulnerability details Anyone can withdraw to receiver once the receiver is isApprovedForAllowner, receiver. The funds will be sent to receiver, but it will happen whenever an arbitrary msg.sender wants. The only precondition is the presence of any approvals. This can be easily used ...

AI score: 6.8
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 10 views

Vault does not verify that tokens were transferred successfully.

Lines of code Vulnerability details Impact If for some reason the ERC20 transfer is temporarily failing, the user could call deposit for free or if calling withdraw the user would totally lose his allocation and funds. All the state variables would already have been updated at this stage, so he...

AI score: 6.9
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 8 views

Should call triggerEndEpoch() or triggerDepeg() first before withdrawing in testOwnerAuthorize()

Lines of code Vulnerability details Detail In Tests section, sponsors said they would like to assess if testOwnerAuthorize are failed due to a logic fault in the contracts or in testing. In this test case, it wants to check if users can approve to other address to help them call withdraw on Vault...

AI score: 6.7
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 11 views

Fee = 0 in case supply is less then 10

Lines of code Vulnerability details In case supply is less than 10, fee will always be = 0, which is almost impossible with ETH but it's not 100% excludible with an ERC20 token in case its value is very high and precision is low. A check that supply shall be more than 10 shall be set.

AI score: 6.8
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 11 views

Some users won't be able to burn their crowdfund token to get their voting power

Lines of code Vulnerability details Impact User which is a contract who doesn't have a receive function can't burn his token to get the governance power, because ethOwed ether are transferred to him. This is correct even if ethOwed is 0. Tools Used Manual audit Recommended Mitigation Steps Consid...

AI score: 6.8
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 7 views

[NAZ-H1] First depositor can break minting of shares

Lines of code Vulnerability details Impact The attack vector and impact is the same as TOB-YEARN-003, where users may not receive shares in exchange for their deposits if the total asset amount has been manipulated. Proof of Concept In SemiFungibleVault.solL143, the allocation of shares is...

AI score: 6.8
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 8 views

recoverERC20() in StakingRewards shouldn't allow transfer of rewardToken because it belongs to users who stacked their funds and owner shouldn't be able to immediately withdraw those users funds

Lines of code Vulnerability details Impact rewardToken balance in StakingRewards contract is belongs to staking users and owner shouldn't be able to withdraw all balance of rewardToken immediately, because this can cause users to lose their funds if owner perform this action by intention or by...

AI score: 6.9
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 5 views

Wrong Math for latestRoundData

Lines of code Vulnerability details Impact Mathematical equivalent of price1 and price2 numbers in latestRoundData function is incorrect Proof of Concept The following example returns incorrect results with numbers contract Test function latestRoundDatapublic view returns uint256 uint256 price1 =...

AI score: 7.1
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 7 views

Attacker can force AuctionCrowdfunds to bid their entire contribution up to maxBid

Lines of code Vulnerability details Description AuctionCrowdfund's bid allows any user to compete on an auction on the party's behalf. The code in bid forbids placing a bid if party is already winning the auction: if market.getCurrentHighestBidderauctionId == addressthis revert...

AI score: 6.8
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 17 views

Invalid Use of BODMAS in TokenDistributor.sol and PartyGovernanceNFT.sol

Lines of code Vulnerability details Invalid Use of BODMAS in TokenDistributor.sol and PartyGovernanceNFT.sol In contract TokenDistributor.sol we initializing the value of uint128 fee using a mathematical way but in a wrong manner their brackets are missing which will clear out the instance of usi...

AI score: 6.8
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 10 views

[NAZ-M3] Use safeTransferFrom() instead of transferFrom() for ERC721 transfers

Lines of code Vulnerability details Impact The transferFrom method is used instead of safeTransferFrom, presumably to save gas. I however argue that this isn’t recommended because: OpenZeppelin’s documentation discourages the use of transferFrom, use safeTransferFrom whenever possible. Given that...

AI score: 6.8
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 10 views

[NAZ-M1] No Storage Gap for Upgradeable Contract Might Lead to Storage Slot Collision

Lines of code Vulnerability details Impact For upgradeable contracts, there must be storage gap to "allow developers to freely add new state variables in the future without compromising the storage compatibility with existing deployments" quote OpenZeppelin. Otherwise it may be very difficult to...

AI score: 6.8
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 8 views

No control for the future Airdrop

Lines of code Vulnerability details Impact You can't control the airdrop NFT on this contract PartyGovernance.sol. You can only control the preciousListHash Proof of Concept The execute is check that the precious list preciousTokenIds and preciousTokens is valid or not if...

AI score: 6.8
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 5 views

Possible reentrancy attack on deposit function

Lines of code Vulnerability details Impact In deposit function the shares was calculated before the asset.safeTransferFrom. One possible scenario is when the supply it's 0totalSupplyid == 0, the retrun of convertToShares it's assets, if the asset is an ERC777 a contract sender could call again th...

AI score: 6.8
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 6 views

PartyGovernance.disableEmergencyExecute() permanently disables emergencyExecute()

Lines of code Vulnerability details Impact PartyGovernance.disableEmergencyExecute will permanently disable PartyGovernance.emergencyExecute as there is no other means to toggle emergencyExecuteDisabled back to false. This means emergencyExecute can never be called once Proof of Concept Tools Use...

AI score: 6.9
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 7 views

multiply users can contribution with one Token

Lines of code Vulnerability details Impact Users, don't have a Token for contribution but they can bypass this check easy Proof of Concept If the Crowdfund is private by using TokenGateKeeper.sol The contributor can contribution and then send the NFT or ERC20 to another user address. So two users...

AI score: 6.9
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 10 views

Ambiguous situation exists for calling triggerDepeg and triggerEndEpoch functions when block.timestamp is set to epochEnd

Lines of code Vulnerability details Impact As shown by the following isDisaster modifier, which is used by the triggerDepeg function below, and the triggerEndEpoch function below, when block.timestamp is set to epochEnd, both of the triggerDepeg and triggerEndEpoch functions are allowed to be...

AI score: 6.9
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 6 views

rewarding is not started after StakingRewards contract deployment and there is no specific time set for contract start time of rewarding, users stacked their funds has no way knowing when is rewarding is going to be started

Lines of code Vulnerability details Impact after StakingRewards the constructor logic set value for rewardRate and rewardsDuration but rewarding is not started for stackers and users has no way to find out when is rewarding going to be started. only reward Distributer can start rewarding process...

AI score: 6.7
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 4 views

ERC20.sol is susceptible to classic ERC20 approve functionality front-running exploit

Lines of code Vulnerability details Proof of concept The problem is perfectly described here The tldr; is that if you approved a person to spend 100 tokens and then you want to decrease his allowance to 50, if he spends his 100 tokens allowance before you set his allowance to 50 he will be able t...

AI score: 6.6
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 9 views

Arbitrary contract call allows attacker to steal from user's wallet

Lines of code Vulnerability details Impact In function prepareGate , in the following line : bool s, bytes memory r = addressgateKeeper.callcreateGateCallData; A call to an arbitrary contractgateKeeper with custom calldata createGateCallData is made in prepareGate, which means the contract...

AI score: 6.9
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 7 views

Front-running of accept call

Lines of code Vulnerability details Description There is accept and veto functions in the PartyGovernance contract. The functions accepts the proposalId accept function also accepts snapIndex, which does not contain any information about the proposal itself. As a result, transactions of users can...

AI score: 6.8
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 6 views

Chainlink's latestRoundData might return stale or incorrect results

Lines of code Vulnerability details Impact On Controller.sol and in PegOracle.sol we are using latestRoundData, but there is no check if the return value indicates stale data. This could lead to stale prices according to the Chainlink documentation: Proof of Concept Tools Used Visual Inspection...

AI score: 6.8
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 6 views

withdrawal of staking doesnt check for epochs

Lines of code Vulnerability details Impact when unstaking the code doesn't check whether it's the end of the epoch or not Proof of Concept Tools Used none Recommended Mitigation Steps check for end of epoch

AI score: 7.2
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 5 views

Tokens available to the TokenDistributor are not safe

Lines of code Vulnerability details Impact Any funds available to the TokenDistributor contract can be stolen. Via creating new distributions with a Party contract controlled by a hacker. When funds are in the TokenDistributor contract, for instance, transferred via the PartyGovernace.distribute...

AI score: 6.7
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 6 views

User fund lost because they can't withdraw() their funds before epoch startTime and they have to stuck in positions that become unprofitable even when epoch is not started

Lines of code Vulnerability details Impact users deposit their funds in Vault when epoch is not started but as other users deposit funds too or price of pegged token changes users get different risk to reward and they may wants to withdraw their funds before epoch start time to get out of bad...

AI score: 7.1
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 9 views

Proposer can double spend his votes as many times as he likes, rugging the party

Lines of code Vulnerability details Description Proposals are created using PartyGovernance's proposeproposal,.. function, and voted on thereafter using acceptproposalid,…. To make sure users don't vote twice, every proposal has hasVoted mapping to keep note of votes. The number of votes counted...

AI score: 6.7
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 7 views

Improper access control in withdraw at Vault.sol

Lines of code Vulnerability details Impact Anyone can withdraw on behalf of approved user Proof of Concept Function withdraw at Vault.sol has incorrect access control. As the owner is passed as a parameter anyone can call withdraw to a approved receiver. This is the same logic used in...

AI score: 6.8
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 9 views

Use safeTransferFrom() function instead of transferFrom()

Lines of code Vulnerability details Impact The transferFrom method is used in the contract PartyGovernanceNFT.sol, I however argue that this isn’t recommended because: OpenZeppelin’s documentation discourages the use of transferFrom, use safeTransferFrom whenever possible Given that any NFT can b...

AI score: 6.8
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 8 views

[NAZ-M2] withdraw() Allows Anyone Withdraw Someone Else's Shares

Lines of code Vulnerability details Impact withdraw is meant for the owner or approved receiver to withdraw the owner's deposited assets and burn the owner's shares. It checks if msg.sender == owner OR if isApprovedForAllowner, receiver. If the owner has approved for all a receiver and someone...

AI score: 6.8
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 16 views

Using transferfrom on ERC721 tokens

Lines of code Vulnerability details Impact In the function createParty of contract Crowdfund.sol, when transferring the acquired NFTs to the new party, the transferFrom function is called instead of safeTransferFrom. If the addressparty is a contract address that doesn't support ERC721 tokens , t...

AI score: 6.7
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 12 views

havent specify the solidity compiler version, 8.15 and older version may lead to a mis encoded struct parameter

Lines of code Vulnerability details Impact the structure: struct ExecuteProposalParams uint256 proposalId; bytes proposalData; bytes progressData; bytes extraData; uint256 flags; IERC721 preciousTokens; uint256 preciousTokenIds; there are some unknown length elementbytes, in 8.15 and older...

AI score: 6.8
Exploits: 0

Code423n4
added 2022/09/19 12:00 a.m. | 9 views

[NAZ-H2] withdraw() does not update allowances

Lines of code Vulnerability details Impact withdraw is meant for the owner or approved receiver to withdraw the owner's deposited assets and burn the owner's shares. Since it does this for all of the owner's shares, the approved receiver should not be approved for all anymore after burning. Proof...

AI score: 6.8
Exploits: 0

Total number of security vulnerabilities: 10190