
10190 matches found

Code423n4
•added 2022/09/19 12:0 a.m.•7 views

Early contributor can always become majority of crowdfund leading to rugging risks.

Lines of code Vulnerability details Description Voting power is distributed to crowdfund contributors according to the amount contributed divided by NFT purchase price. Attacker can call the buy function of BuyCrowdfund / CollectionBuyCrowdfund, and use only the first X amount of contribution fro...

6.9 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•8 views

Early contributor can always become majority of crowdfund leading to rugging risks.

Lines of code Vulnerability details Description Voting power is distributed to crowdfund contributors according to the amount contributed divided by NFT purchase price. Attacker can call the buy function of BuyCrowdfund / CollectionBuyCrowdfund, and use only the first X amount of contribution fro...

6.9 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•5 views

Previously nominated delegate can reset the delegation

Lines of code Vulnerability details burn allows for previously recorded delegate to set himself to be contributor's delegate even if another one was already chosen. This can be quite material as owner choice for the whole voting power is being reset this way to favor the old delegate. Proof of...

6.4 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•13 views

ERC1155.isApprovedForAll(owner, receiver) logic means it is possible for an approved receiver to withdraw more shares than expected

Lines of code Vulnerability details In the Readme, it is mentioned a receiver can call withdraw on behalf of the shares owner we accept deposits and withdraws on behalf of other users, by using approve ERC1155 functions on withdraw, and recipient/owner params inside both deposit/withdraw function...

6.7 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•5 views

Missing Transfer Verification

Lines of code Vulnerability details Impact The ERC20 standard token implementation functions return the transaction status as a boolean. It is a good practice to check for the return status of the function call to ensure that the transaction was executed successfully. It is the developer's...

6.8 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•12 views

Unbounded proposal calls array length could cause DoS

Lines of code Vulnerability details Impact It's possible to render the governance and execution contract inoperable for a period of time and effectively kill some proposals due to execution failure, which will break the governance routine and function. This could be a mistake or on purpose. Proof...

7.2 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•14 views

An operator can steal an NFT after its listed

Lines of code Vulnerability details Impact The ArbitraryCallsProposal contract prevents calls to setApprovalForAll on NFTs the Party owns. If an NFT is listed, calls to setApprovalForAll via the ArbitraryCallsProposal contract will succeed because the Party isn’t in possession of the NFT. Anyone...

6.8 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•6 views

A majority attack can steal precious NFT from the party by crafting and chaining two proposals

Lines of code Vulnerability details Description The PartyGovernance system has many defenses in place to protect against a majority holder stealing the NFT. Majority cannot exfiltrate the ETH gained from selling precious NFT via any proposal, and it's impossible to sell NFT for any asset except...

7.2 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•12 views

this is a test

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Tools Used Recommended Mitigation Steps --- The...

7.1 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•7 views

You can give address(0) _mint(), confused with _burn()

Lines of code Vulnerability details Impact You can give address0 mint, confused with burn Proof of Concept For example, the Initialize of AuctionCrowdfund does not determine whether initialContributor is 0, so the address0 can be Mint tokenid. //contracts/crowdfund/AuctionCrowdfund.sol function...

6.9 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•8 views

PegOracle.sol#L59 : Issue with "price1" calculation.

Lines of code Vulnerability details Impact The calculated price1 could be negative or outdated one. This could affects the codes places wherever the latestRoundData is used to determine the price. one of the place is in Controller.solL261 - function getLatestPriceaddress token Proof of Concept...

6.8 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•7 views

[H3] Deposit ETH is not working as expected

Lines of code Vulnerability details Impact Deposit ETH deposit to msg.sender but not to receiver as stated in docs Proof of Concept Function depositETH at Vault.sol is not working as described in docs. @param receiver address of the receiver of the shares provided by this function, that represent...

6.8 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•8 views

[H1] Improper access control in withdraw at SemifungibleVault.sol

Lines of code Vulnerability details Impact Anyone can withdraw on behalf of approved user Proof of Concept Function withdraw at SemifungibleVault.sol has incorrect access control. As the owner is passed as a parameter anyone can call withdraw to a approved receiver. function withdraw uint256 id,...

6.8 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•7 views

Attacker can DOS private party by donating ETH then calling buy

Lines of code Vulnerability details Impact Party is DOS'd and may potentially lose access to NFT Proof of Concept Crowdfund.solL280-L298 party = party = partyFactory .createParty addressthis, Party.PartyOptions name: name, symbol: symbol, governance: PartyGovernance.GovernanceOpts hosts:...

6.6 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•15 views

Lack of check if token is a contract

Lines of code Vulnerability details Impact solmate won't check if the token is a contract or not. It's possible for an attacker to the create a vault for a non existing token with a deterministic address. The problem occurs if the token gets deployed later, and another user tries to use this toke...

7 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•10 views

[NAZ-M3] Use safeTransfer()/safeTransferFrom() instead of transfer()/transferFrom()

Lines of code Vulnerability details Impact It is a good idea to add a require statement that checks the return value of ERC20 token transfers or to use something like OpenZeppelin’s safeTransfer/safeTransferFrom unless one is sure the given token reverts in case of a failure. Failure to do so wil...

6.7 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•5 views

timewindow can be changed unexpectedly that blocks users from calling deposit function

Lines of code Vulnerability details Impact As shown by the following epochHasNotStarted modifier, which is used by the deposit function below, users can only deposit when block.timestamp modifier epochHa...

6.8 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•7 views

VaultFactory.sol : changeTreasury, changeTimewindow, changeController - all these function will not update the vault parameters as they are read from memory.

Lines of code Vulnerability details Impact Reading the vault in memory and updating its parameters will not update its values permanently. Proof of Concept Tools Used Manual code review. Recommended Mitigation Steps Read vault in storage instead of memory Update in following lines of codes. --- T...

7 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•9 views

mapping deletion will not remove the full content

Lines of code Vulnerability details mapping deletion will not remove the full content Summary A deletion in a structure containing a mapping will not delete the mapping see the Solidity documentation. The remaining data may be used to compromise the contract. Proof of Concept Navigate to the...

6.8 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•13 views

Locked ether

Lines of code Vulnerability details Impact In contract Party.sol there is a receive declared. This means that the contract can accept eth payments. But there is no function defined, to withdraw those sent ether. So if a user accidentally sent ether to the contract, the ether would be locked, as...

6.8 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•6 views

A malicious user could stuck crowdfund ETH

Lines of code Vulnerability details Impact A user could freeze funds accumulated in a crowdfund and execute a "fake sale" that would be the approval of the token. Proof of Concept A group of users create a crowdfund, they raise money to buy the most good looking Bored Ape. An attacker would buy i...

6.9 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•8 views

Rounding errors can lead to wrong voting power

Lines of code Vulnerability details Impact The calculation of voting power in Crowdfund.getFinalContribution can lead to loss of voting power due to rounding errors. Tools Used Manual audit --- The text was updated successfully, but these errors were encountered: All reactions...

6.9 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•4 views

Admin can prevent deposits by manipulating timewindow

Lines of code Vulnerability details Impact The protocol is open to an administrator's maliciousness. Proof of Concept As we can see in this line, the contracts in this project has some sanity checks even for admin only calls. However, the administrator is free to change a hedge/risk pair timewind...

7 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•7 views

Return value of transferFrom() does not check

Lines of code Vulnerability details Impact Return value of transferFrom inside deposit function does not checked: function deposituint256 id, uint256 assets, address receiver public override marketExistsid epochHasNotStartedid nonReentrant returns uint256 shares // Check for rounding error since ...

6.8 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•6 views

A majority attack can easily bypass Zora auction stage in OpenseaProposal and steal the NFT from the party.

Lines of code Vulnerability details Description The PartyGovernance system has many defenses in place to protect against a majority holder stealing the NFT. One of the main protections is that before listing the NFT on Opensea for a proposal-supplied price, it must first try to be auctioned off o...

7.1 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•17 views

Only part of keccak256() is used as hash, making it susceptible to collision attacks

Lines of code Vulnerability details At 2 places in the code only part of the output of keccak256 is used as the hash: At TokenDistributor - DistributionState.distributionHash15 - uses only a 15 bytes as a hash This one is intended to save storage At Crowdfund.governanceOptsHash a 16 bytes is used...

7 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•6 views

The delegation even if you have no VotingPower

Lines of code Vulnerability details Impact when you buy a new VotingPower. You need to undelegated them before the next proposal Proof of Concept -When Alice sell his NFT by calling transferFrom on PartyGovernanceNFT.sol. it will be set for the delegating to the previous delegator. but he actuall...

6.8 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•9 views

splitRecipient resulting voting power tend to be overstated

Lines of code Vulnerability details When burn computes the contributor's share via getFinalContribution and contributor = splitRecipient it transfers the whole share to the splitRecipient in advance, even when not all the voting power were allocated. I.e. some contributors might not burn and the...

6.9 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•8 views

Users can lose funds because It's possible to call withdraw() in Vault without call to endEpoch() by Controller.triggerEndEpoch(),

Lines of code Vulnerability details Impact users shouldn't be allowed to withdraw their funds before epoch settling down, and code should check that endEpoch has been called before allowing withdraw for that epoch. but right now withdraw only checks that epoch has been ended and this would happen...

6.8 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•8 views

Missing Check When Attempting to Check if the List of Precious Tokens are Correct

Lines of code Vulnerability details Impact There exists an issue where a missing check to ensure that the preciousTokens and preciousToksnIds list is the same length on line 1102 of the PartyGovernance.sol contract. This may lead to an inaccurate hash when attempting to run the execute function...

7.2 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•7 views

Hash result truncation

Lines of code Vulnerability details Description There is function hashFixedGovernanceOpts in Crowdfund contract and function getDistributionHash in TokenDistributor contract. The first one truncates the hash result to 16 bytes, the second to 15 bytes. Impact It is possible to find a collision for...

6.8 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•13 views

If noone deposit in one Vault, assets deposited to the other Vault will be locked.

Lines of code Vulnerability details Impact In each Vault epoch, idFinalTVL and idClaimTVL values is only set when someone call triggerDepeg or triggerEndEpoch from Controller. In case of depeg, we will swap assets of hedge and risk Vault. But if one Vault has noone deposited, idFinalTVL will be...

6.8 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•10 views

rewards stuck in StakingRewards because of division rounding error in notifyRewardAmount() and rewardPerToken() and updateReward()

Lines of code Vulnerability details Impact In all functions notifyRewardAmount and rewardPerToken and updateReward there is a division which cause division rounding error and make some rewards to stuck in contract and users don't get their rewards and so users would lose funds. Proof of Concept...

6.8 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•7 views

FIRST DEPOSITOR CAN BREAK MINTING OF SHARES

Lines of code Vulnerability details Impact The attack vector and impact is the same as TOB-YEARN-003, where users may not receive shares in exchange for their deposits if the total asset amount has been manipulated through a large “donation”. In the SemiFungibleVault.sol file, the allocation of...

6.9 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•7 views

Anyone can initialize contracts

Lines of code Vulnerability details Impact Party.initialize , CollectionBuyCrowdfund.initialize , BuyCrowdfund.initialize , AuctionCrowdfund.initialize are functions called with the onlyConstructor modifier . This allows these functions to only be called by a constructor function in any contract...

6.9 AI score
Exploits: 0

Code423n4
•added 2022/09/19 12:0 a.m.•10 views

Divide before multiply may lead to loss of precision

Lines of code Vulnerability details Impact Solidity integer division might truncate. As a result, performing multiplication before division can sometimes avoid loss of precision. Details This would affect the dynamicQuorumVotes vote logic correct functioning Proof of Concept...

6.8 AI score
Exploits: 0

Code423n4
•added 2022/09/18 12:0 a.m.•10 views

Governance NFT Voting power can be distributed unfairly after the party purchase the NFT because voting power distribution depends on the contribution NFT burning order

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Voting power can be distributed unfairly after the party purchase the NFT because voting power distribution depends on the contribution NFT burning order. For example, the NFT is purchased at price 1.5...

7.1 AI score
Exploits: 0

Code423n4
•added 2022/09/18 12:0 a.m.•10 views

ArbitraryCallsProposal.sol and ListOnOpenseaProposal.sol safeguards can be bypassed by cancelling in-progress proposal allowing the majority to steal NFT

Lines of code Vulnerability details Note: PartyDAO acknowledges that "canceling an InProgress proposal mid-step can leave the governance party in a vulnerable or undesirable state because there is no cleanup logic run during a cancel" in the "Known Issues / Topics" section of the contest readme. ...

6.8 AI score
Exploits: 0

Code423n4
•added 2022/09/18 12:0 a.m.•9 views

BuyCrowdfund.buy lacks access control

Lines of code Vulnerability details Impact Anyone can call BuyCrowdfund.buy and BuyCrowdfund.buy will call any function at any address and can send eth up to maximumPriceWhen maximumPrice is 0, all ETH in the contract can be sent. Consider maximumPrice = 70 ETH, the current seller's listing price...

6.8 AI score
Exploits: 0

Code423n4
•added 2022/09/17 12:0 a.m.•11 views

TokenDistributor: ERC777 tokensToSend hook can be exploited to drain contract

Lines of code Vulnerability details Impact TokenDistributor.createERC20Distribution can be used to create token distributions for ERC777 tokens which are backwards-compatible with ERC20. However, this introduces a reentrancy vulnerability which allows a party to get the tokens of another party. T...

6.9 AI score
Exploits: 0

Code423n4
•added 2022/09/17 12:0 a.m.•9 views

Malicious party active member can approve malicious contract to spend and steal party ERC1155 nft and ERC20 tokens via arbitrary proposal execution

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Let's look into the implementation in ArbitraryCallsProposal.sol // Check that the call is not prohibited. if !isCallAllowedcall, isUnanimous, preciousTokens, preciousTokenIds revert...

7.2 AI score
Exploits: 0

Code423n4
•added 2022/09/17 12:0 a.m.•4 views

Why emergencyExecute() is required?

Lines of code Vulnerability details Impact Now PartyDAO multisig can steal all funds from all PartyGovernance instances If malicious user will get control over PartyDAO multisig, he will steal of funds from all projects Tools Used vs code Recommended Mitigation Steps Remove this function --- The...

7 AI score
Exploits: 0

Code423n4
•added 2022/09/15 12:0 a.m.•9 views

The contract can transfer Ownership to the zero address.

Lines of code Vulnerability details Impact When we use transferOwnership or safeTransferOwnership to transfer contract ownership, there is the possibility of transferring ownership to the zero address. This will cause the owner to lose its ownership permanently. Proof of Concept In Ownable.sol...

6.9 AI score
Exploits: 0

Code423n4
•added 2022/09/15 12:0 a.m.•9 views

Users retain votes from their delegated tokens

Lines of code Vulnerability details Impact When a user has undelegated tokens and delegates them to another user, the owner retains all votes for their tokens, while the delegatee also gains those votes. By chaining this attack together, this could allow a user to generate unlimited votes, taking...

6.9 AI score
Exploits: 0

Code423n4
•added 2022/09/15 12:0 a.m.•10 views

User can generate unlimited votes through faulty transfer logic

Lines of code Vulnerability details Impact When tokens are transferred from one user to another, votes should be moved from the delegatee of the sender to the delegatee of the receiver. Instead, they are transferred from the sender to the receiver. Because the moveDelegateVotes function is...

6.9 AI score
Exploits: 0

Code423n4
•added 2022/09/15 12:0 a.m.•9 views

Auction.sol : Treasury(payable) typecasting is missed before setting the treasury address

Lines of code Vulnerability details Impact The contract address will not be set with relevant properties, like payable and contract type. Proof of Concept Auction.solL79 : settings.treasury = treasury; Whereas, in Governor.sol, it is set properly. refer the line, Governor.solL74 : settings.treasu...

7.1 AI score
Exploits: 0

Code423n4
•added 2022/09/15 12:0 a.m.•12 views

Bids can be created while paused

Lines of code Vulnerability details createBid allows for bid creation while the Auction is paused. As the latter happens on a system error mint failure, this can allow an attacker to interacts with the malfunctioning system. This at least can lead to misallocation of user's funds, i.e. freezing t...

6.7 AI score
Exploits: 0

Code423n4
•added 2022/09/15 12:0 a.m.•11 views

Contracts that lock Ether

Lines of code Vulnerability details Impact When receive function, hasn't a revert all ethers send contracts will be locked forever. Proof of Concept Bob send ether to contract, funds were locked forever and Bob lost money. Tools Used manually Recommended Mitigation Steps Remove the payable...

6.9 AI score
Exploits: 0

Code423n4
•added 2022/09/15 12:0 a.m.•20 views

Calling Governor.execute function without sending any ETH can withdraw general ETH funds from the Treasury contract

Lines of code Vulnerability details Impact When calling the following Governor.execute function, the Treasury.execute function is executed. Because Governor.execute is payable, ETH can be sent to the Treasury contract. function execute address calldata targets, uint256 calldata values, bytes...

6.9 AI score
Exploits: 0

Code423n4
•added 2022/09/15 12:0 a.m.•11 views

Use safeTransfer to send ERC721 tokens

Lines of code Vulnerability details Impact Winner of the auction can lose his NFT Proof of Concept When you settle and auction you transfer the NFT using transferFrom token.transferFromaddressthis, auction.highestBidder, auction.tokenId; Maybe this is just an intended behaviour and is the...

6.7 AI score
Exploits: 0

Total number of security vulnerabilities: 10190