Minter.sol#_executeInflationRateUpdate() inflationManager().checkpointAllGauges() is called after InflationRate is updated, causing users to lose rewards
Lines of code Vulnerability details When Minter.sol#_executeInflationRateUpdate() is called, if an INFLATIONDECAYPERIOD has passed since lastInflationDecay, it will update the InflationRate for all of the gauges. However, in the current implementation, the rates will be updated first, followed by the...
it's possible to initialize contract BkdLocker for multiple times by sending startBoost=0 and each time different values for other parameters
Lines of code Vulnerability details Impact The function initialize of BkdLocker is supposed to be called one time and the contract initialized one time. But if it's called with startBoost=0 then it's possible to call it again with different values for other parameters. There are some logics based on the values...
Any user can start inflation for Minter.sol
Lines of code Vulnerability details Submitting as a high risk bug because it is equivalent to calling startInflation which is a function reserved for only governance to call and it drastically alters token distribution Impact Bypass governance only call restriction and cause immediate inflation...
Contracts allow users to steal latent funds as their own
Lines of code Vulnerability details Impact Users that accidentally send Ether to contracts, or have rebasing rewards that the contract has stolen because it doesn't properly track rebasing tokens, have their funds now latent stolen, so they can't be returned by an admin. Proof of Concept One examp...
THE FIRST AMM STAKER MAY NOT RECEIVE ACCORDING REWARDS BECAUSE OF POOR CHECKPOINTS
Lines of code Vulnerability details Impact The first staker within the AmmGauge may not get the rewards if the pool is not checkpointed right after he stakes and before he wants to claim the rewards. Proof of Concept A testing environment that reproduces how the protocol is going to be deployed a...
[WP-H1] OrderFulfiller.sol#_applyFractionsAndTransferEach() Orders with offerItem.itemType == ItemType.NATIVE are not processed properly
Lines of code Vulnerability details // Reduce available value if offer spent ETH or a native token. if offerItem.itemType == ItemType.NATIVE // Ensure that sufficient native tokens are still available. if amount etherRemaining revert InsufficientEtherSupplied; // Skip underflow check as a...
Malicious offerers can easily create lots of invalid offers
Lines of code Vulnerability details Impact Creating an offer is pretty convenient in Seaport. Offerers don’t have to give the offered items to Seaport. They just need to make sure that when someone tries to fulfill their order, they already set the sufficient approvals. However, this convenience...
_verifyProof allows empty proofs (allows malleable transactions)
Lines of code Vulnerability details Impact _verifyProof allows empty proofs and in that case it expects the leaf to equal the root, because no hashing and iteration is taking place. The purpose of the tree is to hold multiple accepted tokenIds, where the consideration contains one and proving its...
uint256 => uint120 silent overflow
Lines of code Vulnerability details When converting a number from uint256 to a smaller type, solidity truncates it without raising errors. In our case, this operation is performed when saving numerator and denominator to the storage variable orderStatusorderHash code link...
More than 1 zero address token in burnToTarget may lead to draining of FeeBurner.sol
Lines of code FeeBurner.sol#L43-L88 Vulnerability details Impact The burnToTarget function in FeeBurner.sol allows any array of tokens to be used. If the tokens array contains more than 1 zero address, the swapAll function for the swapperRouter will be called more than once with the same msg.value...
Vote locking should block wrapper contracts
Lines of code Vulnerability details The reason that users are given boosted rewards for locking their governance tokens is that by making them illiquid for a set amount of time, the supply available to be sold is restricted, and users buying the token are more able to push the price up. Impact By...
Can avoid paying for additional recipients' consideration items due to out of bounds read for additionalRecipients
Lines of code Vulnerability details Impact The assertConsiderationLengthIsNotLessThanOriginalConsiderationLength call is off-by-one for the parameters.additionalRecipients.length + 1. // requires parameters.additionalRecipients.length + 1 = parameters.totalOriginalAdditionalRecipients...
Integer Overflow in Nonce Possible Via EIP 1271 Compliant Contract
Lines of code Vulnerability details Impact The current NonceManager deployed version does not expect a nonce to go as high to actually trigger an integer overflow and is therefore, unchecked. However, it is completely possible to have the nonce go as high with EIP 1271 contracts that hold the NFT...
Order partial fulfilling can be blocked by the first fulfiller
Lines of code Vulnerability details DOS attack is possible as OrderValidator.validateOrderAndUpdateStatus sets order's numerator and denominator based on an arbitrary fulfiller provided input. When there is a large bulk sale, an attacker can become one of the first buyers partial fulfillers and s...
Fulfill transactions that are not protected with a deadline may lead to unfavorable trade.
Lines of code Vulnerability details Impact A fulfill transaction of order with descending/ascending amount should be protected by the deadline. The price of an order with a descending amount is sensitive to the time. Letting users make such a trade without providing the deadline would lead to...
Does not set the offerer as the recipient if execution amount is nonzero
Lines of code Vulnerability details Impact Order structures will be corrupted through invalid fulfillment application logic. Proof of Concept Tools Used Manual inspection Recommended Mitigation Steps Change to // Set the offerer as the receipient if execution amount is nonzero. if...
_transfer#Executor.sol not checking all enum values
Lines of code Vulnerability details Impact Transaction can revert or have unexpected behaviour Poc In transferexecutor.sol you are checking Itemtype values Itemtype.NATIVE, Itemtype.ERC20 and Itemtype.ERC721 after then the last else clause assumes that the Itemtype is a ERC1155. else @audit assum...
Restricted Trades Vulnerable to Stolen Items Being Traded
Lines of code Vulnerability details Impact The current contract does not check for stolen items. Traditionally, Opensea has frozen items that are stolen based on its stolen item policy. It was possible to do so on Opensea at the UI level. However, with Seaport, anyone can list a restricted trade...
[WP-H0] Unsafe type casting for the order's denominator and numerator may allow the attacker to buy more than the offered amount from the seller against the seller's will
Lines of code Vulnerability details orderStatus[orderHash].numerator = uint120(filledNumerator + numerator); orderStatus[orderHash].denominator = uint120(denominator); When an order is filled partially, the order's denominator and numerator will be updated in...
Compromised Channel Can Compromise ALL NFTs and Tokens
Lines of code Vulnerability details Impact The contest IN SCOPE section clearly states that offer items can only be transferred by a conduit that only has Seaport set as a channel. However, this condition is not true. If a compromised channel is added to a conduit, then ALL the NFTs and tokens th...
wrong reward distribution and user fund lose if migrate() is called with current rewardToken by mistake or intentionally
Lines of code Vulnerability details Impact It's possible to call the migrate function of BkdLocker with a newRewardToken value equal to the current rewardToken and there is no check to prevent this. If this happens then userCheckpoint will calculate the reward two times for rewardToken, one time becaus...
Minter.sol#startInflation() can be bypassed
Lines of code Vulnerability details function startInflation() external override onlyGovernance { require(lastEvent == 0, "Inflation has already started."); lastEvent = block.timestamp; lastInflationDecay = block.timestamp; } As lastEvent and lastInflationDecay are not initialized in the constructor, they...
A malicious filler can fill a partial order in such a way that the rest cannot be filled by anyone
Lines of code Vulnerability details Impact For filling a partial order, because Seaport accepts any representation of a fraction, a malicious filler can provide a giant fraction unreduced. This would severely limit what orders can be filled afterwards and in some cases making any more fills...
Can overfill orders
Lines of code Vulnerability details Impact There's a bug in the partial order filling that allows an attacker to overfill any order (fill more than the total size of the order). This bug happens because the fractions are stored as uint120s in orderStatus but intermediate computations to scale the...
Fees from delisted pool still in reward handler will become stuck after delisting
Lines of code Vulnerability details Impact Unclaimed fees from pool will be stuck Proof of Concept When delisting a pool the pool's reference is removed from address provider: Burning fees calls a dynamic list of all pools which no longer contains the delisted pool: Since the list no longer...
Proof for NFT with token id = 0 won't be checked
Lines of code Vulnerability details Impact The proof criteria for NFTs with a zero token id won't be checked, because a zero token id represents an item with no criteria. Proof of Concept This if check skips the check for the proof of NFT with token id = 0. if identifierOrCriteria != uint256(0) ...
Upgraded G -> H from 10 [1654286526568]
Judge has assessed an item in Issue 10 as High risk. The relevant finding follows:
call() should be used instead of transfer() on an address payable
Lines of code Vulnerability details This is a classic Code4rena issue: code-423n4/2021-04-meebits-findings#2 code-423n4/2021-10-tally-findings#20 code-423n4/2022-01-openleverage-findings#75 Impact The use of the deprecated transfer function for an address will inevitably make the transaction fail...
RewardHandler.sol and FeeBurner.sol will fail due to inexistent AddressProvider.sol getter functions
Lines of code Vulnerability details Impact FeeBurner.burnToTarget and RewardHandler.burnFees will fail every time because addressProvider.getSwapperRouter, addressProvider.getBKDLocker and addressProvider.getFeeBurner are not implemented in AddressProvider.sol. Proof of Concept getSwapperRouter,...
Verifying criteria is prone to known merkle proof attacks
Lines of code Vulnerability details The Merkle hash root does not indicate the tree depth, enabling a second-preimage attack in which an attacker creates a document other than the original that has the same Merkle hash root. For the example above, an attacker can create a new document containing...
uint120 overflow for partially fillable orders in OrderValidator.sol
Lines of code Vulnerability details Repo commit referenced: 49799ce156d979132c9924a739ae45a38b39ecdd Impact In the lines OrderValidator.sol#L223-L239 where the orderStatus for an orderHash gets updated: orderStatus[orderHash].numerator = uint120(filledNumerator + numerator);...
Deposit doesn't initialize WithdrawalMeta
Lines of code Vulnerability details Impact Though LiquidityPool.sol is not in scope, this is related to the PoolMigrationZap.migrate which performs deposits into new pools. The deposit functionality of LiquidityPool.sol does not set the withdrawalMeta for the depositor, meaning that their...
QA Report
Reinitialisation in BkdLocker.sol In the initialize function, the only check is made that the current startBoost value is zero, if zero is passed then this allows the function to be reinitialised and potentially modifying other variables which should remain constant. Consider making a check that t...
Caller always pays for ETH even for ETH offer items
Lines of code Vulnerability details Impact It's possible to create ItemType.NATIVE offer items that the offerer should pay for but this is not possible as only the caller (fulfiller) can send native tokens (ETH) when fulfilling an order. Therefore, this item type does not make sense in an offer. The...
Wrong items length assertion in basic order
Lines of code Vulnerability details When fulfilling a basic order we need to assert that the parameter totalOriginalAdditionalRecipients is less or equal than the length of additionalRecipients written in calldata. However in prepareBasicFulfillmentFromCalldata this assertion is incorrect L346: /...
LidoVault: require(msg.value == 0);
Reference: 2 Impact 8 Consider adding here require(msg.value == 0); since it is non-ETH token. Affected code:
StakerVault.unstake(), StakerVault.unstakeFor() would revert with a uint underflow error of StakerVault.strategiesTotalStaked, StakerVault._poolTotalStaked.
Lines of code Vulnerability details Impact StakerVault.unstake(), StakerVault.unstakeFor() would revert with a uint underflow error of StakerVault.strategiesTotalStaked, StakerVault._poolTotalStaked. Proof of Concept Currently it saves totalStaked for strategies and non-strategies separately. uint...
Inflating the price of tokens to your benefit and no reentrancy guard you can make your own function for stakefor
Lines of code Vulnerability details Low: you can mint a lot of tokens to contract and inflating the price of tokens and if there is no of getting tokens out of the contract plus if in stakefor function call the function above and since the checks and effects patterns are not implemented or...
safetransferfrom a user has to give allowance to make the function work
Lines of code Vulnerability details Issue: DoS with revert because of no allowance. Don't use safeTransferFrom; where is this contract giving allowance to users? If a user has zero allowance the function will fail: IERC20(veAsset).safeTransferFrom(msg.sender, address(this), amount); Because you would have ...
_aggregateValidFulfillmentConsiderationItems() can be tricked to accept invalid inputs
Lines of code Vulnerability details Impact The _aggregateValidFulfillmentConsiderationItems() function aims to revert on orders with zero value or where a total consideration amount overflows. Internally this is accomplished by having a temporary variable errorBuffer, accumulating issues found, and...
Total Supply is not guaranteed and is not deterministic.
Lines of code Vulnerability details Impact The actual total supply of the token is random and depends on when executeInflationRateUpdate is executed. Proof of concept The README and tokenomic documentation clearly states that “The token supply is limited to a total of 268435456 tokens.”. However...
Gauge Rewards Stuck In VoterProxy Contract When ExtraRewardStashV3 Is Used Within Angle Deployment
Lines of code Vulnerability details Note: This report aims to discuss the issue encountered when ExtraRewardStashV3 is used within Angle Deployment. There is also another issue when ExtraRewardStashV2 is used within Angle Deployment, but I will raise it in a separate report since ExtraRewardStash...
totalSupply will revert
Lines of code Vulnerability details Impact The line for (uint256 i = epochindex - 1; i + 1 != 0; i--) relies on uint256 underflow and overflow, which would revert in Solidity ^0.8.0 Proof of Concept function totalSupply() external view returns (uint256 supply) { uint256 currentEpoch =...
_aggregateValidFulfillmentOfferItems() can be tricked to accept invalid inputs
Lines of code Vulnerability details Impact The _aggregateValidFulfillmentOfferItems() function aims to revert on orders with zero value or where a total consideration amount overflows. Internally this is accomplished by having a temporary variable errorBuffer, accumulating issues found, and only...
attacker can steal funds from staker contract and this contract) with decrease allowance frontrunning
Lines of code Vulnerability details IERC20(veAsset).safeTransferFrom(msg.sender, staker, amount); IERC20(veAsset).safeTransferFrom(msg.sender, address(this), amount); safeTransferFrom to work without a revert which is a side issue DoS from revert safeTransferFrom-msg.sender has to give allowance to the...
attacker or user can take advantage of precision error and affect staking
Lines of code Vulnerability details uint256 unlockAt = block.timestamp + maxTime; unlock uninweeks can have precision issues because there are no floating point variables in Solidity so if unlockat is 10.32 is 10 /week 3 it will 3 3 =9 instead of almost 4 weeks so users can unlock before the time they...
Missing inheritance makes fulfillBasicOrder() in Consideration.sol non-functional
Lines of code Vulnerability details Impact fulfillBasicOrder in Consideration.sol would not function properly since the call in line 83 - validateAndFulfillBasicOrder is not possible as there's no existing function for it due to a missing inheritance. Users will not be able to fulfill any Basic...
user can pay a lot of money without getting his tokens
Lines of code Vulnerability details lockveasset function: lockveasset function should do some transfer but if that doesn't happen then user can lose a lot of money and if incentiveveasset is 0 because the check is 0 and if statement will not pass and the minting will not happen and you're not goin...
Bad use of safeApprove
Lines of code Vulnerability details Impact Function deposit in booster could revert when stake option is true if the contract has an allowance of the token for rewarcontract 0. The same in many contracts but in VE3DRewardPool.sol a user can get his rewards blocked. Proof of Concept If the contrac...
VE3DRewardPool.getReward() overmints with fee-on-transfer reward tokens
Lines of code Vulnerability details Impact Fee-on-transfer rewardTokens will lead to over minting when calling VE3DRewardPool.getReward. Proof of Concept function getReward address account, bool claimExtras, bool stake public updateRewardaccount address rewardToken; for uint256 i = 0; i 0...