Multi-hop routes will leave a dust trail
Lines of code Vulnerability details Impact By calling RubiconMarket.buyid, quantity as a consequence of L239 and L241 with quantity = currentAmount - currentAmount expectedMarketFeeBPS / 10000 ...the fee calculated by the buy function amounts to: currentAmount - currentAmount expectedMarketFeeBPS...
BathToken uninitialized rewardsVestingWallet leading to loss of funds
Lines of code Vulnerability details Impact Contract BathToken.sol implements distributeBonusTokenRewards function that allows distributing non-underlying bath token incentives to pool withdrawers. In case of rewardsVestingWallet being set implementation triggers release function of...
Reentrancy attack
Lines of code Vulnerability details Impact High impact. Reentrancy Attack may lead to loss of funds. Proof of Concept Reentrancy in RubiconMarket.matchouint256,ERC20,uint256,ERC20,uint256,bool contracts/RubiconMarket.sol1049-1108: External calls: - buybestmakerid,minmpayamt,t...
There is no way to set the rewardsVestingWallet (IBathBuddy) in BathToken contract
Lines of code Vulnerability details rewardsVestingWallet IBathBuddy helps in releasing or distributing vested bonus tokens during withdrawals. There is currently no function to set it in BathToken contract. rewardsVestingWallet IBathBuddy remains as address0 and is unusable. Impact Admin can not...
Anyone can cancel orders from the router and get the tokens
Lines of code Vulnerability details Impact Anyone can cancel orders from the router and get the tokens Proof of concept -A user makes a WETH order from the router -Any attacker can call the cancel function with the order ID and get all the unfilled funds from the order Basically orders in the...
Orders sent with RubiconRouter Will get fulfilled in the router and tokens will be Lost
Lines of code Vulnerability details impact Users of the router will lose their funds proof of concept -Users can send orders from the router using offerForEth or offerWithEth -In order creation msg.sender will be the router since the router calls the market If the order doesn't get instantaneousl...
Calculation error
Lines of code Vulnerability details Impact function swap uint256 payamt, uint256 buyamtmin, maxAmount is a payamt denominated in token route0 =paygem buyamtmin is a buyamt denominated in token routelast =buygem buyamtmin expectedMarketFeeBPS / 1000 is the fee denominated in token routelast --...
First depositor can break minting of shares
Lines of code Vulnerability details Impact The attack vector and impact is the same as TOB-YEARN-003, where users may not receive shares in exchange for their deposits if the total asset amount has been manipulated through a large “donation”. Proof of Concept In BathToken.sol:569-571, the...
rewardsVestingWallet is never initialized
Lines of code Vulnerability details Impact rewardsVestingWallet in BathToken is never initialized thus release will never happen: /// @notice Address of the OZ Vesting Wallet which acts as means to vest bonusToken incentives to pool HODLers IBathBuddy public rewardsVestingWallet; When calling...
Stealing Deposited LP Token Balance of the Contract!
Lines of code Vulnerability details Impact The FeeBurner.sol has burnToTarget which was vulnerable to Stealing of LPToken Balance Anyone could transfer LP tokens to them! Proof of Concept 1. The targetLpTokenBalance is calculated by depositing with the Underlying token and target pool. 2. The...
VotingEscrow's merge and withdraw aren't available for approved users
Lines of code Vulnerability details Users who are approved, but do not own a particular NFT, are supposed to be eligible to call merge and withdraw from the NFT. Currently burn, used by merge and withdraw to remove the NFT from the system, will revert unless the sender is the owner of NFT as the...
User rewards stop accruing after any _writeCheckpoint calling action
Lines of code Vulnerability details Any user balance affecting action, i.e. deposit, withdraw/withdrawToken or getReward, calls writeCheckpoint to update the balance records used for the earned reward estimation. The issue is that writeCheckpoint always sets false to voted flag for each new...
Unauthenticated access to Whitelist tokens
Lines of code Vulnerability details Impact If we observe the whitelist function at Voter.solL178, we will observe that only governor is allowed to whitelist tokens requiremsg.sender == governor. But this can be simply bypassed by a minter role using the initialize function which directly calls...
Arbitrary access to reset any _tokenId
Lines of code Vulnerability details Impact The poke function is currently missing a check to see if the user calling poke with tokenId is actually the owner of it. Since this function will reset the token and vote, the actual owner will not be able to withdraw on this tokenId as votedtokenId will be...
Upgraded G -> H from 10 [1653554038009]
Judge has assessed an item in Issue 10 as High risk. The relevant finding follows: ...
Order Overflow
Lines of code Vulnerability details Impact In the partial fill orderStatus calculation, there could be an overflow in the numerator and denominator calculation. This overflow could lead a buyer to buy more NFT/Other tokens than order amount. First example of impact: An NFT seller has two orders:...
Gauge: Attacker can call notifyRewardAmount function to insert malicious token to prevent reward distribution
Lines of code Vulnerability details Impact The notifyRewardAmount function of the Gauge contract can be called by anyone, and can insert any token when rewards.length MAXREWARDTOKENS. And the notifyRewardAmount function of the Gauge contract will call the addRewardToken of the Bribe contract to a...
Lack of check could cause loss of user funds
Lines of code Vulnerability details Impact The increaseamount function is currently missing a check for attachments and voted. Any amount provided will get added to the existing amount. The increased amount will get stuck during withdraw if attachmentstokenId != 0 or votedtokenId Proof of Concept 1. Us...
VotingEscrow doesn't properly store history values thus balanceOfAtNFT() and totalSupplyAt() always return 0
Lines of code Vulnerability details Impact VotingEscrow of Velodrome is a port from vyper but it had a crucial bug due to the difference of how vyper and solidity deals with memory struct assignment. In short, balanceOfAtNFTuint tokenId, uint block and totalSupplyAtuint block that should've...
Increase voting power by tokenizing the address that locks the token
Lines of code Vulnerability details Impact Without restriction on the type of address that locks the token, a bad actor could lock the token through the smart contract. Doing so enables him to make the lockedToken become liquid by tokenizing his smart contract, which defeats the purpose of the...
ConvexMasterChef: safeRewardTransfer can cause loss of funds
Lines of code Vulnerability details Impact Same as code-423n4/2022-02-concur-findings244 All calculations are rounded down, since a lack of tokens in the contracts cannot be rounding errors' fault. So the function is redundant. On the other hand, if the contract is undersupplied with cvx tokens,...
No rewards will be queued for users at intervals
Lines of code Vulnerability details Impact The 20% penalty that is taken from users who claim their rewards but choose not to stake in the AuraLocker is sent to the penaltyForwarder. Thereafter, it gets distributed to the locker to be queued but the issue in AuraLocker.queueNewRewards is that the...
CrvDepositor.sol Wrong implementation of the 2-week buffer for lock
Lines of code Vulnerability details uint256 unlockAt = block.timestamp + MAXTIME; uint256 unlockInWeeks = unlockAt/WEEKWEEK; //increase time too if over 2 week buffer ifunlockInWeeks.subunlockTime 2 IStakerstaker.increaseTimeunlockAt; unlockTime = unlockInWeeks; In lockCurve, unlockInWeeks -...
ExtraRewardsDistributor deposits don’t work with fee-on transfer tokens
Lines of code Vulnerability details Impact There are ERC20 tokens that may make certain customizations to their ERC20 contracts. One type of these tokens is deflationary tokens that charge a certain fee for every safetransfer or safetransferFrom . Proof of Concept The ExtraRewardsDistributor’s...
Re-entrancy on BaseRewardPool.getReward()
Lines of code Vulnerability details See @audit-info tags: File: BaseRewardPool.sol 280: / 281: @dev Gives a staker their rewards, with the option of claiming extra rewards 282: @param account Account for which to claim 283: @param claimExtras Get the child rewards too? 284: / 285: function...
AuraClaimZap's claimRewards can permanently freeze user Aura funds
Lines of code Vulnerability details If claimRewards is called with depositCvxMaxAmount 0 and Options.LockCvx == false, the up to depositCvxMaxAmount AURA tokens are pulled from the user, but never get staked. There looks to be no way to retrieve Aura tokens ended up on AuraClaimZap balance this...
ConvexMasterChef's deposit and withdraw can be reentered drawing all reward funds from the contract if reward token allows for transfer flow control
Lines of code Vulnerability details Reward token accounting update in deposit and withdraw happens after reward transfer. If reward token allows for the control of transfer call flow or can be upgraded to allow it in the future i.e. have or can introduce the beforetokentransfer, afterTokenTransfe...
Steal directly transferred funds via backrunning
Lines of code Vulnerability details Issue: If BPT is sent to the contract for any reason, an attacker can call deposit and claim the BPT for themselves. Consequences: Loss of any BPT sent to the contract directly. Proof of Concept: User mistakenly sends BPT directly to the contract, possibly...
Consistently check account balance before and after transfers for Fee-On-Transfer discrepancies
Lines of code Vulnerability details As arbitrary ERC20 tokens can be passed, the amount here should be calculated every time to take into consideration a possible fee-on-transfer or deflation. Also, it's a good practice for the future of the solution. Affected code:...
DDOS in BalLiquidityProvider
Lines of code Vulnerability details Impact DDOS to liquidity providers in BalLiquidityProvider Proof of Concept bal is equal to the contract’s balance of the asset bal is required to be equal to the input parameter request.maxAmountsIni : An attacker can front-run liquidity providers by sending 1...
Router: Transferring Token to the Pair contract will cause future liquidity providers to lose funds
Lines of code Vulnerability details Impact Same as code-423n4/2022-01-elasticswap-findings146 In the current implementation, the amount of LP tokens to be minted when addLiquidity is calculated based on the ratio between the amount of newly added tokens and the reserve variable in the Pair...
massUpdatePools() is susceptible to DoS with block gas limit
Lines of code Vulnerability details Impact massUpdatePools is a public function and it calls the updatePool function for the length of poolInfo. Hence, it is an unbounded loop, depending on the length of poolInfo. If poolInfo.length is big enough, block gas limit may be hit. Proof of Concept Tool...
AuraClaimZap may transfer CVX tokens to itself which become locked in the contract
Lines of code Vulnerability details Impact During AuraClaimZap.claimExtras if the option LockCvx is set to false then the contract will transfer CVX tokens from the msg.sender to this contract without forwarding them on to the user. There is no way to retrieve these funds from the protocol and...
WithdrawTo() needs a zero address check for _to parameter
Lines of code Vulnerability details Impact The withdrawTo function in Booster.sol is missing a zero address check for the to parameter. Tokens would be lost if to is the zero address. Proof of Concept Tools Used Manual review Recommended Mitigation Steps Use require to ensure to is not a zero address. -...
Reward may be locked forever if user doesn't claim reward for a very long time such that too many epochs have been passed
Lines of code Vulnerability details Impact Reward may be locked forever if user doesn't claim reward for a very long time such that too many epochs have passed. The platform is then forced to reimburse the reward to the user whose reward got locked, causing huge economic loss. Proof of Concep...
Aura.sol mint() function has a bug in the logic
Lines of code Vulnerability details Impact Intention is that during inflation period operator will or at least will be able to mint EMISSIONSMAXSUPPLY token amount. Due to a logic bug amount of operator mintable tokens directly depends on how many tokens are minted by function minterMint and init...
Improperly Skewed Governance Mechanism
Lines of code Vulnerability details ALR-02H: Improperly Skewed Governance Mechanism | File | Lines | Type ---|---|--- AuraLocker.sol | L594-L609, L611-L618 | Governance Susceptibility Description The balance checkpointing system exposed by the contract for governance purposes is flawed as it does...
Impossible Clearance of Delegate
Lines of code Vulnerability details ALR-01M: Impossible Clearance of Delegate | File | Lines | Type ---|---|--- AuraLocker.sol | L464-L509 | Code Functionality Description The delegate function disallows clearance of any existing delegation, thereby forcing the user to retain a delegate active...
Integer overflow will lock all rewards in AuraLocker
Lines of code Vulnerability details Impact There is a potential overflow in the rewards calculations which would lead to updateReward always reverting. The impact of this overflow is that all reward tokens will be permanently locked in the contract. Users will be unable to call any of the...
Users can grief reward distribution
Lines of code Vulnerability details Impact Users can grief reward distributions by spending dust Proof of Concept If a reward is targeted for an epoch in the past, a user can front-run the txn in the mempool and call addRewardToEpoch with a dust amount at an epoch after the one in question. This...
Users may lose rewards to other users if rewards are given as fee-on-transfer tokens
Lines of code Vulnerability details Impact If rewards are given in fee-on-transfer tokens, users may get no rewards, breaking functionality Med: Assets not at direct risk, but the function of the protocol or its availability could be impacted, or :::leak value with a hypothetical attack path with...
AuraBalRewardPool charges a penalty to all users in the pool if the AuraLocker has been shut down
Lines of code Vulnerability details Impact Users are charged the penalty due to admin actions, and they have no way to avoid it Proof of Concept When claiming their rewards, users are charged a penalty if they take the reward directly, rather than by passing it into the auraLocker. Those are the...
Locking up AURA Token does not increase voting power of individual
Lines of code Vulnerability details Background Per the documentation, AURA tokens can be locked in the AuraLocker to receive vlAURA. vlAURA is voting power in the AURA ecosystem. It is also possible for the users to delegate their voting power to a specific address by calling the...
Users can get rewards even if not locking for the full lock duration
Lines of code Vulnerability details Impact Users can get rewards that should only have gone to users that locked for the full duration, effectively stealing from those other users Proof of Concept This is the relevant logic from lock that determines the time at which the funds are unlocked: File:...
AuraLocker kick reward only takes last locked amount into consideration, instead of whole balance
Lines of code Vulnerability details The issue occurs in AuraLocker, when expired locks are processed via kicking, and if all the user locks have expired. In this scenario, to calculate the kick reward, processExpiredLocks multiplies the last locked amount by the number of epochs between the last...
The _validateOrdersAndPrepareToFulfill & _performFinalChecksAndExecuteOrders functions not using the reentrancy function as intended
Lines of code Vulnerability details Impact Reentrant calls won't be defeated in validateOrdersAndPrepareToFulfill & performFinalChecksAndExecuteOrders functions and potential denial of service on validateOrdersAndPrepareToFulfill Proof of Concept The validateOrdersAndPrepareToFulfill &...
ConvexMasterChef: When _lpToken is duplicated, reward calculation is incorrect
Lines of code Vulnerability details Impact Same as IDX-002 in In the ConvexMasterChef contract, a new staking pool can be added using the add function. The staking token for the new pool is defined using the lpToken variable. However, there is no additional checking whether the lpToken is already...
ConvexMasterChef: When _lpToken is cvx, reward calculation is incorrect
Lines of code Vulnerability details Impact In the ConvexMasterChef contract, a new staking pool can be added using the add function. The staking token for the new pool is defined using the lpToken variable. However, there is no additional checking whether the lpToken is the same as the reward tok...
The _transferEthAndFinalize function may reentrant
Lines of code Vulnerability details Impact A reentrancy attack may occur in transferEthAndFinalize Proof of Concept The reentrancy guard contract works that way, in the initial call "setReentrancyGuard" it declares that the call isn't reentrant, then inside that function it calls another...
Rounding-error can be redeemed for free
Originally part of a QA report by gzeon 59 Rounding-error can be redeemed for free If the redeemAmount is 0 but less than the value of 1 share, 0 share will be burned while the user can withdraw non-zero amount. uint256 shares = tokenToSharesredeemAmount;