Hardcoded USD pegs can be broken
Lines of code Vulnerability details Description The prices of USDC and USDT, which I assume are the underlying tokens of cUSDC and cUSDT, have been hardcoded to parity. Such practices are highly discouraged because while the likelihood of either stablecoin de-pegging is low, it is not zero. Becau...
The skim function allows to withdraw tokens for any address
Lines of code Vulnerability details Impact Any address can call the skim function and remove tokens that are in excess of the reserves of those tokens. This would lead to the loss of token 0 and 1. Recommended Mitigation Steps You should have an access control so that only the factory, for exampl...
Division before multiplication can lead to an error
Lines of code Vulnerability details Division before multiplication can lead to an error Impact LP token price can be half of actual price by this mistake. Proof of Concept For simplicity, let us say decimals is 10^18. Prices can be nearly 1, but slightly smaller than 1. In that case, token0TVL = 0...
Divide before multiply
Lines of code Vulnerability details Divide before multiply Impact Solidity integer division might truncate. As a result, performing multiplication before division can sometimes avoid loss of precision. Details In general, this is a problem due to precision. In this case, it also affects...
Oracle may be relying on a low reserves pair, which is easy to manipulate
Lines of code Vulnerability details Impact While the observations isn't easy to manipulate, it's still possible to manipulate some of them using an MEV bot and some tokens. In case of a pair with low reserves, the manipulation is going to be cheaper and might be worth for an attacker. Since there...
WRONG DESIGN/IMPLEMENTATION OF ADDLIQUIDITY() ALLOWS ATTACKER TO STEAL FUNDS FROM THE LIQUIDITY POOL
Lines of code Vulnerability details The current design/implementation of Vader pool allows users to addLiquidity using arbitrary amounts instead of a fixed ratio of amounts in comparison to Uni v2. We believe this design is flawed and it essentially allows anyone to manipulate the price of the po...
Missing checks for Comptroller can block expected/correct flows getUnderlyingPrice
Lines of code Vulnerability details Missing checks for Comptroller can block expected/correct flows getUnderlyingPrice Summary Zero address should be checked to be avoided Also a 2 steps assign would help to not going wrong or a check within a whitelist Details getUnderlyingPrice would be blocked...
USING SYMBOL FOR TOKEN IDENTIFICATION
Lines of code Vulnerability details Impact Proof of Concept An exploiter may create fake tokens whose symbols are cNOTE, cUSDT or cUSDC. When somebody calls comptroller’s liquidateCalculateSeizeTokens, it will give an unlisted token with other token's it can be unlisted token or listed token...
Dividing before multiplying can cause data loss
Lines of code Vulnerability details Impact Note: I'll use the notation decimals here to represent 10 token.decimals, just like the variable defined in the BaseV1Router.getPriceLP function. In the BaseV1Router.getPriceLP function, the token0 TVL is calculated in terms of NOTE, by multiplying the TV...
[M03] Incorrect price calculation for non-stablecoin pairs marked as stable
Lines of code Vulnerability details Impact Pairs that don't have NOTE token but that are still marked as stable will always have an incorrect price calculated for them. Proof of Concept As it can be concluded from the code, stablecoin pairs are pairs with NOTE token: However, there's a separate...
Upgraded Q -> H from 9 [1662668273831]
Judge has assessed an item in Issue 9 as High risk. The relevant finding follows:
TWAP LP price manipulation
Lines of code Vulnerability details Impact The total value locked sum of the pair is used to price the LP. But the reserves of the underlying can be easily influenced by flashloan, then the TVL can vary dramatically.Just like what happened before here Warp. Although getPriceLP use TWAP to calcula...
[M04] Incorrect price calculation for non-stable pairs without CANTO token
Lines of code Vulnerability details Impact A non-stable pair that doesn't have CANTO token will always have an incorrect price calculated for it. Proof of Concept The code assumes that all pairs are pairs with either NOTE or CANTO token: However, the createPair function doesn't require one of the...
WHEN PAIR TOKENS ARE ALL NOT NOTE OR WCANTO GETPRICELP() WILL PRODUCE WRONG LP TOKEN PRICE
Lines of code Vulnerability details Impact If the pair tokens are all not wcanto or note, it will calculate the wrong LP price in getPriceLP. Proof of Concept Per the docs description, Canto Lending Market will allow LP tokens from Canto’s native decentralized exchange to be used as collateral, and createPai...
Lack of minimal sufficient liquidity check can result in unreliable prices
Lines of code Vulnerability details function getPriceCantoaddress token internal view returnsuint erc20 token = erc20token; address pair = pairForaddresswcanto, addresstoken, false; if !isPairpair return 0; // this pair does not exist with Canto uint decimals = 10 token.decimals; // get decimals ...
Sudden price fluctuations occurring at a call to _update() will not be reflected by reserves(), sampleReserves() and sampleSupply() until after periodSize seconds
Lines of code Vulnerability details Impact Consider the situation where a token suddenly drops drastically in price in the market. Consider a call to BaseV1Pair.swap which makes a very large swap between the two tokens accurately reflecting the change in price and also causes a new observation to...
Comparison of tokens
Lines of code Vulnerability details Impact In the function named getUnderlyingPrice, the BaseV1Router01 contract decides the price of the token by comparing the token's symbol name with a predefined constant. By passing a custom token, an attacker can force the returned value of the getUnderlyingPrice function to be incorrec...
State variables written after the call
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. The external function burn updates state variables balance0 and balance1 after safeTransfer has been called. This could potentially be exploited as an attacker could call the burn function multiple time...
Possible division loss during LpPricesCumulative calculation
Lines of code Vulnerability details Impact During the token0TVL calculation, it divides by decimals without multiplying 1e18 first. So there might be division loss and the price might be calculated wrongly. Proof of Concept When we calculate this part, it divides first without multiplying 1e18...
HARDCODED PRICES FOR STABLECOINS
Lines of code Vulnerability details Impact Hardcoded prices of stablecoins may open some arbitrage opportunities and produce many bad loans in CLM. Proof of Concept Hardcoding price of cUSDT and cUSDC as 1 may open some arbitrage opportunities when real price for each token is a little bit...
USE SAME SYMBOL CAN GET FAKED PRICE OF TOKEN
Lines of code Vulnerability details Impact It compares symbols to identify tokens; this can be exploited to produce a fake token price. Proof of Concept An attacker can create a token which is like cToken and has the symbol cNOTE. When somebody calls comptroller’s liquidateCalculateSeizeTokens, it will give ...
LP token price calculation susceptible to oracle attack manipulation
Lines of code Vulnerability details Impact The current calculation of the LP token is not accurate. Currently your formula is the sum of the underlying asset value; sumPiRi / supply Summation of each token price times reserve, divided by total supply, but this is susceptible to oracle manipulatio...
blockTimestampLast not initialised to block.timestamp results in wrong calculations for reservesCumulative and totalSupplyCumulative in _update() function
Lines of code Vulnerability details Impact Default value of blockTimestampLast is 0 and affects the calculations done in the first call of update. observations would store the wrong value and affect subsequent calculations of price when a sample size that includes this wrong observation is taken...
Rounding error for low decimal token
Lines of code Vulnerability details Impact Some token has low decimal USDC has only 6, as a result, the rounding may introduce substantial error in stable pair calculation, causing wrong getAmountOut quote, at the end lead to fund loss in swap function. Malicious user can abuse the wrong quote to...
Unbounded loop on array can lead to DoS
Lines of code Vulnerability details Description: As this array can grow quite large, the transaction’s gas cost could exceed the block gas limit and make it impossible to call this function at all a push exist but there's no pop in the solution, that means it will continuously only push which wil...
Two-step change of privileged roles
Lines of code Vulnerability details Impact Lack of two-step procedure for critical operations is error-prone and can lead to irrevocable mistakes, might leave the system operationally with no/malicious privileged role. For example, when transfer admin role, in a single-step change, if the current...
reserve0CumulativeLast is incorrectly calculated
Lines of code Vulnerability details Impact It was observed that both reserve0CumulativeLast and reserve1CumulativeLast are incorrectly calculated. Reference can be taken from Uniswap contract which calculates it correctly at Proof of Concept 1. The reserve0CumulativeLast is currently calculated i...
Newton's iteration convergence might not converge
Lines of code Vulnerability details Impact In getAmountOut for stable pair, Newton's method is used, however there is no check for the solution convergence. The numerical stability for Newton's method only applies to initial value close enough to the real solution. If the iteration fail to...
Hardcoded prices are subject to be abused
Lines of code Vulnerability details Impact Hardcoded prices are subject to be abused which might address the protocol being drained. Proof of Concept There are 2 possible different issues of the Lending Protocol; 1. The attack surface/risk is not originated directly through the Canto protocol but...
Stable/non-stable pair creation mistake could be abused
Lines of code Vulnerability details Impact Stable and non-stable pair use different formula to calculate the invariant k. If a non-stable pair is treated as stable, or vice versa. $x^3y+y^3x$ behave quite differently compare with $xy$, on the edge of relative stable price range, price volatility...
Upgraded Q -> M from 167 [1662177851548]
Judge has assessed an item in Issue 167 as Medium risk. The relevant finding follows:
Upgraded Q -> M from 272 [1662178113276]
Judge has assessed an item in Issue 272 as Medium risk. The relevant finding follows:
Upgraded Q -> M from 167 [1662177846442]
Judge has assessed an item in Issue 167 as Medium risk. The relevant finding follows:
Upgraded Q -> M from 208 [1662178021917]
Judge has assessed an item in Issue 208 as Medium risk. The relevant finding follows:
Upgraded Q -> M from 202 [1662178014316]
Judge has assessed an item in Issue 202 as Medium risk. The relevant finding follows:
possibility of front-run on swap()
Lines of code Vulnerability details Impact The user swapper could lose all their money Proof of Concept 1- the user invokes swap with tokenIn == ohm 2- on this line MINTR.burnOhm(address(this), amountIn); this user sends their money to the TRSRY.sol 3- keeper invokes beat to update the price 4- here...
block.timestamp used as time proxy
Lines of code Vulnerability details block.timestamp used as time proxy Summary: Risk of using block.timestamp for time should be considered. Details: block.timestamp is not an ideal proxy for time because of issues with synchronization, miner manipulation and changing block times. This kind of...
_movingAverage may drift
Lines of code Vulnerability details Impact The moving average is critical for the RBS-system. Its current calculation allows for compounding drift, randomly as well as maliciously, detaching from the true value, which invalidates the entire system, including affecting the way funds are handled...
The _movingAverage always has the same value as _movingAverage + (currentPrice / numObs)
Lines of code Vulnerability details Impact On updateMovingAverage the calculate new moving average is always movingAverage == movingAverage + currentPrice / numObs Proof of Concept 1- keeper invoke beat on Heart.sol 2- this PRICE.updateMovingAverage; to updating the moving average on the Price...
Non-standard/Malicious token transfers may cause loans not to be paid.
Lines of code Vulnerability details Impact Non-standard token transfers may cause loans not to be paid. Proof of Concept The TRSRY.sol has repayLoan function for the users to repay their loan as per the ERC20 token. The function is as below; function repayLoanERC20 token, uint256 amount external...
[NAZ-M1] Chainlink's latestRoundData Might Return Stale Results
Lines of code Vulnerability details Impact Across these contracts, you are using Chainlink's latestRoundData API, but there is only a check on updatedAt. This could lead to stale prices according to the Chainlink documentation: Historical Price data Checking Your returned answers The result of...
The users are not able to withdraw the swapped amount
Lines of code Vulnerability details Impact The user will invoke swap from Operator.sol to swap their OHM tokens. But he will transfer their OHM and will never get the AmountOut Proof of Concept On Operator.sol: 1- invoking swap with tokenIn == ohm 2- the ohm.safeTransferFrommsg.sender, addressthi...
Anyone can pass any proposal alone before first VOTES are minted
Lines of code Vulnerability details Impact Before any VOTES are minted anyone can activate and execute an arbitrary proposal even with 0 votes cast. So an attacker can pass any proposal i.e. change the executor + admin of the Kernel, gaining access to all permissioned functions and to funds held...
User with 33% votes held can execute self-endorsed Proposal
Lines of code Vulnerability details Impact Two issues here with one being low/medium and another being high severity. Not sure if it should be put into 2 separate reports. For OlympusGovernance contract in Governance.sol , a Proposal submitter can self-endorse a proposal they submitted themselves...
Unsafe downcast
Lines of code Vulnerability details Impact It's possible to generate silent overflows when downcasting. E.g. if the value is bigger than the type being cast, it will overflow starting from zero. Proof of concept For the Price.sol constructor, if observationFrequency is a small value and...
Zero approval missing
Lines of code Vulnerability details Impact Frontrunning is possible where user withdraw money before setApproval refill the approval limit. This allows User to get more funds than required Proof of Concept 1. User A is approved an amount of 50 2. "custodian" decides to reduce the approval amount ...
Proposals can be submitted and executed successfully when VOTES totalSupply is 0.
Lines of code Vulnerability details Impact When all contracts have been deployed and/or initialized, the OlympusVotes contract does not mint an initial token supply. This would allow users to be able to submit proposals, then vote and execute proposals if there has been no token supply totalSuppl...
TRSRY.sol is susceptible to ERC20 approve functionality front-running exploit
Lines of code Vulnerability details Proof of concept The problem is perfectly described here The tldr; is that if you approved a person to spend 100 tokens and then you want to decrease his allowance to 50, if he spends his 100 tokens allowance before you set his allowance to 50 he will be able t...
TRSRY: front-runnable setApprovalFor
Lines of code Vulnerability details Impact An attacker may be able to withdraw more than intended Proof of Concept Let's say the alice had approval of 100. Now the treasury custodian reduced the approval to 50. Alice could frontrun the setApprovalFor of 50, and withdraw 100 as it was before. Then...
In Governance.sol, it might be impossible to activate a new proposal forever after failed to execute the previous active proposal.
Lines of code Vulnerability details Impact Currently, if users vote for the active proposal, the VOTES are transferred to the contract so that users can't vote or endorse other proposals while the voted proposal is active. And the active proposal can be replaced only when the proposal is executed...