10190 matches found
Chainlink pricer is using a deprecated API
Lines of code Vulnerability details Impact According to Chainlink's documentation, the latestAnswer function is deprecated. This function might suddenly stop working if Chainlink stops supporting deprecated APIs. And the old API can return stale data. Proof of Concept Tools Used None Recommended...
COLLATERAL_MINTER_ROLE can be granted by the deployer of QuantConfig and mint arbitrary amount of tokens
Lines of code Vulnerability details Impact function mintCollateralToken(address recipient, uint256 collateralTokenId, uint256 amount) external override { require(quantConfig.hasRole(quantConfig.quantRoles("COLLATERAL_MINTER_ROLE"), msg.sender), "CollateralToken: Only a collateral minter can mint...
Using deprecated Chainlink function latestAnswer
Lines of code Vulnerability details Proof of Concept According to Chainlink's documentation, the latestAnswer function is deprecated. This function does not error if no answer has been reached but returns 0. Besides, the latestAnswer is reported with 18 decimals for crypto quotes but 8 decimals f...
Option create can be denied
Lines of code Vulnerability details Proof of Concept A griefer can frontrun the createOption call from a user and the user's tx will revert. This line will revert because of this Recommended Mitigation Steps One gas efficient way to prevent this is to mix msg.sender into the salt.
[WP-M10] Wrong formula of getSharesForAmount() can potentially cause fund loss when being used to calculate the shares to be used in withdraw()
Lines of code Vulnerability details In Collateral, the getter functions getAmountForShares and getSharesForAmount are using totalAssets instead of strategyController.totalValue, so the results can differ from the actual share amount needed to withdraw a certain amount of baseToken and t...
SingleStrategyController doesn't verify that new strategy uses the same base token
Lines of code Vulnerability details Impact When migrating from one strategy to another, the controller pulls out the funds of the old strategy and deposits them into the new one. But, it doesn't verify that both strategies use the same base token. If the new one uses a different base token, it...
Can steal collateral deposit
Lines of code Vulnerability details Impact The Collateral.deposit function mints initial shares equal to the deposited amount. The deposit / withdraw functions also use the strategyController.totalValue, which includes the strategy contract balance, to compute the shares. It's possible to increas...
Inflate collateral token and partial bypass minting fee by directly transferring to _strategyController
Lines of code Vulnerability details Impact This bug enables partial bypass of fee while minting Collateral tokens through Collateral.deposit. Attackers can also utilize this bug to inflate prices of Collateral tokens, creating "unfair advantages" for early minters of Collateral tokens. Proof of...
First user can prevent later users receiving collateral shares
Lines of code Vulnerability details Impact All users after the first (the attacker) will receive no collateral shares in return for their deposit, losing their tokens. Proof of Concept On the first mint of Collateral tokens the amount to be minted is equal to the amount of tokens deposited, on late...
getSharesForAmount returns wrong value when totalAssets == 0
Lines of code Vulnerability details Impact The getSharesForAmount function returns 0 if totalAssets == 0. However, if totalSupply == 0, the actual shares that are minted in a deposit are amount even if totalAssets == 0. Contracts / frontends that use this function to estimate their deposit when...
Market Expiration is Not Enforced Onchain
Lines of code Vulnerability details Impact The expiryTime variable is stored in the PrePOMarket.sol contract but not enforced anywhere in the contract. As a result, if a public offering never comes to fruition, then finalLongPrice will never be set and hence users will be expected to redeem...
[WP-H3] A malicious early user/attacker can manipulate the Collateral contract's pricePerShare to take an unfair share of future users' deposits
Lines of code Vulnerability details function deposit(uint256 amount) external override nonReentrant returns (uint256) { ... uint256 shares = 0; if (totalSupply == 0) { shares = amountToDeposit; } else { /* # of shares owed = amount deposited / cost per share, cost per share = total supply / total value. */ shares ...
Withdrawal Requests Can Be Bypassed
Lines of code Vulnerability details Impact Withdrawals can be initiated by accounts by calling the initiateWithdrawal function. A block delay is enforced with an expiration to prevent flash loan attacks on the protocol. However, because withdrawal requests are conducted on the account's token...
Withdrawal delay can be circumvented
Lines of code Vulnerability details Impact After initiating a withdrawal with initiateWithdrawal, it's still possible to transfer the collateral tokens. This can be used to create a second account, transfer the accounts to them and initiate withdrawals at a different time frame such that one of t...
Block delays can be bypassed with two flash loans instead of one
Lines of code Vulnerability details The README.md states: Withdrawals must be requested in a prior block via initiateWithdrawal(uint256 amount). The number of blocks until a request expires is settable by the vault owner. This is mainly for mitigating the feasibility of a flash loan attack. Impac...
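The three results above (Withdrawal Requests Can Be Bypassed, Withdrawal delay can be circumvented, Block delays can be bypassed with two flash loans instead of one) describe one weakness: the request is a bare (block, amount) record that is neither checked against what the account holds nor attached to any tokens, so an account whose window is already open can receive and withdraw funds in a single block. The model below is an added example written for this page, not prePO's contract code; the CollateralVault class, the delay and expiry values, the account names and the block numbers are all constructed. It runs the same sequence under the vulnerable rules and under one mitigation (the requested shares must be held, are escrowed for the window, and only they can leave during it).

```python
# Added example: block-delay withdrawal window bypass and one mitigation.
# Constructed model, not prePO's code; names, blocks and amounts are assumptions.


class CollateralVault:
    """Share token with a withdrawal request window.

    initiate_withdrawal(amount) in block n opens the window [n+delay, n+expiry].
    lock_requested=False reproduces the vulnerable behaviour from the findings:
    the request is a bare (block, amount) record, unchecked against the balance,
    and the shares stay transferable while it is pending.
    lock_requested=True is the mitigation: the requested shares must be held,
    are escrowed until the window closes, and only they can be withdrawn.
    """

    def __init__(self, delay=1, expiry=10, lock_requested=False):
        self.delay = delay
        self.expiry = expiry
        self.lock_requested = lock_requested
        self.balances = {}
        self.requests = {}  # account -> (request_block, amount still requestable)

    def mint(self, who, amount):
        """Deposit: shares arrive at `who` (flash-loan funded or not)."""
        self.balances[who] = self.balances.get(who, 0) + amount

    def _locked(self, who, block):
        """Escrowed shares of `who` at `block` (always 0 in the vulnerable mode)."""
        if not self.lock_requested or who not in self.requests:
            return 0
        req_block, amount = self.requests[who]
        return amount if block <= req_block + self.expiry else 0

    def transfer(self, frm, to, amount, block):
        free = self.balances.get(frm, 0) - self._locked(frm, block)
        if amount > free:
            raise ValueError("transfer exceeds unlocked balance")
        self.balances[frm] -= amount
        self.balances[to] = self.balances.get(to, 0) + amount

    def initiate_withdrawal(self, who, amount, block):
        if self.lock_requested and amount > self.balances.get(who, 0):
            raise ValueError("cannot request more than held")
        self.requests[who] = (block, amount)

    def withdraw(self, who, amount, block):
        if who not in self.requests:
            raise ValueError("no withdrawal request")
        req_block, requested = self.requests[who]
        if not (req_block + self.delay <= block <= req_block + self.expiry):
            raise ValueError("outside withdrawal window")
        if amount > requested or amount > self.balances.get(who, 0):
            raise ValueError("amount exceeds request or balance")
        self.balances[who] -= amount
        self.requests[who] = (req_block, requested - amount)
        return amount


def attempt(fn):
    """Run one step; True if it succeeded, False if the vault rejected it."""
    try:
        fn()
        return True
    except ValueError:
        return False


def run_scenario(lock_requested):
    """Attacker controls accounts A and B. A requests at block 100, moves its
    shares to B, B requests at 105 while A's window is still open. At block 112
    a flash-loan funded deposit lands on B and is withdrawn in the same block,
    which is exactly what the delay was meant to prevent."""
    v = CollateralVault(delay=1, expiry=10, lock_requested=lock_requested)
    v.mint("A", 100)                                              # earlier, honest-looking deposit
    r = {}
    r["oversized_request"] = attempt(lambda: v.initiate_withdrawal("A", 10_000, block=100))
    if not r["oversized_request"]:
        v.initiate_withdrawal("A", 100, block=100)               # mitigated mode: request only what is held
    r["move_after_request"] = attempt(lambda: v.transfer("A", "B", 100, block=101))
    r["sleeper_request_b"] = attempt(lambda: v.initiate_withdrawal("B", 10_000, block=105))
    v.mint("B", 5_000)                                            # block 112: flash-loan funded deposit
    r["same_block_exit"] = attempt(lambda: v.withdraw("B", 5_000, block=112))
    r["honest_withdraw_a"] = attempt(lambda: v.withdraw("A", 100, block=105))
    return r
```

In the vulnerable run every step succeeds, including the 5,000 shares that enter and leave B in block 112. With escrow the oversized request, the transfer of requested shares and the same-block exit are all refused, while A's ordinary withdrawal inside its window still works. Escrowing the requested amount is one possible fix; the property to preserve is that whatever leaves during a window was already held when the request was made.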
First depositor can break minting of shares
Lines of code Vulnerability details Details The attack vector and impact is the same as TOB-YEARN-003, where users may not receive shares in exchange for their deposits if the total asset amount has been manipulated through a large "donation". Proof of Concept Attacker deposits 2 wei so that it i...
Malicious User can Manipulate PreCT Mint Logic with Direct Base Token Transfer
Lines of code Vulnerability details Impact A bad actor can steal funds from future depositors by sending the base token directly to the Strategy or StrategyController contracts. This exploit is more effective the less shares that have already been distributed, perhaps early into the launch of the...
Strategy Migration May Leave Tokens in the Old Strategy Impacting Share Calculations
Lines of code Vulnerability details Impact If a strategy does not have sufficient funds to withdraw for the full amount then it is possible that tokens will be left in this yield contract during migrate. It is common for withdrawal from a strategy to withdraw less than a user's balance. The reaso...
Market expiry behaviour differs in implementation and documentation
Lines of code Vulnerability details Description The docs say that "If a market has not settled by its expiry date, it will automatically settle at the lower bound of its Valuation Range." However, in the implementation, the expiry date is entirely ignored. The default settlement after expiry is a...
DoS attack the system and steal all the users' funds
Lines of code Vulnerability details Impact That exploit is possible because of the implementation of the deposit function of the SingleStrategyController contract. // Assumes approval to take amount has already been given by vault function deposit(uint256 amount) external override onlyVault...
No use of upgradeable SafeERC20 contract in Controller.sol
Lines of code Vulnerability details Impact Controller.sol makes use of OpenZeppelin's ReentrancyGuardUpgradeable.sol in the file but does not use an upgradeable version of SafeERC20.sol Proof of Concept Tools Used Manual code review Recommended Mitigation Steps Make use of OpenZeppelin's...
Duplicate _tokenNameSuffix and _tokenSymbolSuffix will incorrectly update current Market
Lines of code Vulnerability details Impacted Function: createMarket Description: 1. Owner calls createMarket with tokenNameSuffix S1 and tokenSymbolSuffix S2 which creates a new market M1 with deployedMarkets[salt] pointing to M1. Here salt can be S which is computed using tokenNameSuffix and...
No use of upgradeable safeERC20 contracts in Controller.sol
Lines of code Vulnerability details Impact Controller.sol makes use of OpenZeppelin's ReentrancyGuardUpgradeable.sol in the file but does not use an upgradeable version of SafeERC20.sol Proof of Concept Tools Used Manual code review Recommended Mitigation Steps Make use of OpenZeppelin's...
Manipulating PreCT Mint Logic with Direct Base Token Transfer
Lines of code Vulnerability details Impact A bad actor can steal funds from future depositors by sending the base token directly to the Strategy or StrategyController contracts. This exploit is more effective the less shares that have already been distributed, perhaps early into the launch of the...
Possible frontrun on deposits on LiquidityPool
Lines of code Vulnerability details Impact Rewards are given to a user for depositing either ERC20 tokens or their native token into the LiquidityPool. This reward is used to incentivize users to deposit funds into the liquidity pool when the pool is not in an equilibrium state. For regular users...
[WP-H14] LiquidityProviders.sol The share price of the LP can be manipulated and making future liquidityProviders unable to removeLiquidity()
Lines of code Vulnerability details function removeLiquidity(uint256 nftId, uint256 amount) external nonReentrant onlyValidLpToken(nftId, _msgSender()) whenNotPaused { (address tokenAddress, uint256 nftSuppliedLiquidity, uint256 totalNFTShares) = lpToken.tokenMetadata(nftId);...
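The share-price manipulation described in several results above (Can steal collateral deposit, First user can prevent later users receiving collateral shares, WP-H3, First depositor can break minting of shares, Manipulating PreCT Mint Logic with Direct Base Token Transfer, and WP-H14 for the LP token just above) comes down to one piece of integer arithmetic, modelled here as an added example. This is a Python model written for this page, not prePO's or Hyphen's contract code; the Vault class, the account names and the amounts are constructed. It shows the attacker's 1 wei deposit plus a direct "donation" making the victim's deposit mint zero shares, and the virtual shares/assets offset that hardened ERC-4626 vaults use as one mitigation.

```python
# Added example: first-depositor / donation share inflation and one mitigation.
# Constructed model, not prePO's or Hyphen's code; names and amounts are assumptions.

WEI = 10**18


class Vault:
    """Minimal share vault.

    total_value models strategyController.totalValue(): it is read from the
    strategy's raw token balance, so a direct ERC20 transfer ("donation") raises
    it without minting any shares. virtual_shares=0 reproduces the vulnerable
    accounting (1:1 bootstrap, then plain proportional rounding down).
    A non-zero virtual_shares adds the virtual shares/assets offset used by
    hardened ERC-4626 vaults, which makes the donation attack unprofitable.
    """

    def __init__(self, virtual_shares=0):
        self.virtual_shares = virtual_shares
        self.virtual_assets = 1 if virtual_shares else 0
        self.total_value = 0     # base tokens controlled, donations included
        self.total_supply = 0    # shares outstanding
        self.balances = {}

    def shares_for_amount(self, amount):
        if self.total_supply == 0 and self.virtual_shares == 0:
            return amount        # vulnerable bootstrap branch: first deposit mints 1:1
        # Integer division rounds down, in favour of the vault.
        return amount * (self.total_supply + self.virtual_shares) // (
            self.total_value + self.virtual_assets)

    def amount_for_shares(self, shares):
        return shares * (self.total_value + self.virtual_assets) // (
            self.total_supply + self.virtual_shares)

    def deposit(self, who, amount):
        shares = self.shares_for_amount(amount)
        self.total_value += amount
        self.total_supply += shares
        self.balances[who] = self.balances.get(who, 0) + shares
        return shares

    def donate(self, amount):
        """Direct transfer to the strategy: value goes up, supply does not."""
        self.total_value += amount

    def withdraw(self, who, shares):
        if shares > self.balances.get(who, 0):
            raise ValueError("insufficient shares")
        amount = self.amount_for_shares(shares)
        self.balances[who] -= shares
        self.total_supply -= shares
        self.total_value -= amount
        return amount


def run_attack(vault, donation=10_000 * WEI, victim_deposit=5_000 * WEI):
    """Attacker deposits 1 wei, donates `donation` directly, then the victim
    deposits. Returns what each side put in and got back."""
    vault.deposit("attacker", 1)
    vault.donate(donation)
    victim_shares = vault.deposit("victim", victim_deposit)
    attacker_out = vault.withdraw("attacker", vault.balances["attacker"])
    victim_out = vault.withdraw("victim", victim_shares) if victim_shares else 0
    return {
        "attacker_in": 1 + donation,
        "attacker_out": attacker_out,
        "victim_shares": victim_shares,
        "victim_out": victim_out,
    }
```

With the vulnerable accounting the victim's 5,000-token deposit rounds to 0 shares and the attacker's single share redeems for everything in the vault, including the victim's tokens. With a virtual offset of 10**6 shares the same sequence leaves the attacker out of pocket for most of the donation while the victim loses only dust to rounding. Burning a minimum amount of shares on the first deposit is the other common fix; either way, a total-value figure that anyone can raise with a plain transfer should not be the sole input to share pricing.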
An owner can rug pull and or lock users' funds
Lines of code Vulnerability details Impact By implementing malicious versions of the interfaces required by the contracts used in the set functions, an owner can rug pull user positions. Even if the owner is benevolent the fact that there is a rug vector available may negatively impact the...
A supported token can be unsupported and liquidity provider won't be able to withdraw their funds
Lines of code Vulnerability details Impact Liquidity provider will be unable to withdraw tokens that were previously supported Proof of Concept In liquidityProviders.sol users can provide liquidity only in supported tokens. This is checked when the user provides liquidity and checked again when h...
FUNCTION SETBASEGAS LACKS BOUNDS CHECK AND EVENT EMIT AFFECTS TRANSFER
Lines of code Vulnerability details Impact Executors can, unintentionally, send a huge amount of ETH Proof of Concept The function setBaseGas(uint128 gas) in LiquidityPool.sol should have bounds like MAX_BASE_GAS. Even worse, this function lacks an event emit. As a result, executors can call sendFundsToUs...
LiquidityPool:getAmountToTransfer() has incorrect calculation due to incorrect bracket placement
Lines of code Vulnerability details Impact In the scenario where the transfer fee exceeds the equilibrium fee, the excess gets credited to the incentive pool. The incentive pool fee added is incentivePool[tokenAddress] = (incentivePool[tokenAddress] + (amount * (transferFeePerc -...
[WP-H17] Users will lose a majority or even all of the rewards when the amount of total shares is too large, due to precision loss
Lines of code Vulnerability details function getUpdatedAccTokenPerShare(address baseToken) public view returns (uint256) { uint256 accumulator = 0; uint256 lastUpdatedTime = poolInfo[baseToken].lastRewardTime; uint256 counter = block.timestamp; uint256 i = rewardRateLog[baseToken].length - 1; while (true) { if...
sendFundsToUser() does not verify that the user has deposited anything
Lines of code Vulnerability details Impact Users can request arbitrary amounts when requesting funds from the executor, because the deposit hash is not checked against actual deposits. The user can be the executor him/herself if they wish to rug-pull directly. Proof of Concept function...
Frontrunning of setPerTokenWalletCap edge case
Lines of code Vulnerability details Impact The setPerTokenWalletCap function in WhitelistPeriodManager.sol contains a comment stating: Special care must be taken when calling this function There are no checks for perTokenWalletCap since it's onlyOwner, but it's essential that it should be = max l...
Sending tokens close to the maximum will fail and user will lose tokens
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept When a user calls the deposit function the reward amount is calculated and an event is emitted with amount+reward as the transfer amount. The function checks amount is smaller than the m...
[WP-H8] Wrong formula for the fee to be added to the incentivePool
Lines of code Vulnerability details The protocol takes part of the fees to incentivize liquidity, which is recorded as incentivePool[tokenAddress] on LiquidityPool.sol. However, the formula used to calculate the updated amount of incentivePool[tokenAddress] in the current implementation is wrong...
Reward and base token decimals difference isn't accounted for in LiquidityFarming
Lines of code Vulnerability details Impact Reward and base token decimals can differ, while this difference isn't accounted for in the reward amount calculations, which will lead to either missing rewards or sending the whole rewards balance to the first eligible user. For example: If reward is...
LiquidityFarming.withdraw permanently freezes any unpaidRewards left
Lines of code Vulnerability details Impact Remainder nft.unpaidRewards are lost and cannot be retrieved after LiquidityFarming.withdraw. I.e. it is not possible to extractRewards for unpaidRewards later if withdraw was called when the balance wasn't sufficient to fulfil the full withdraw of the...
Reward calculations can be rendered to zero due to the lack of precision
Lines of code Vulnerability details Impact On a combination of high enough token value and low enough decimals there can be not enough precision to store the reward amount, which can be permanently hidden from a user as a result. I.e. on such a combination there will effectively be no rewards for some...
Executors can steal funds meant to be sent to users
Lines of code Vulnerability details Impact The executor can provide any value it wants as the tokenGasPrice when it calls sendFundsToUser since it is not included in the hash checks. The executor can set the value to be exactly the number that will take all of the funds the user is requesting...
renouncePauser function is dangerous
Lines of code Vulnerability details Impact If the pauser makes an error, the whole protocol will be unusable Proof of Concept The function renouncePauser in Pausable.sol, which affects several contracts, is dangerous. function renouncePauser() external virtual onlyPauser { emit PauserChanged(pauser, address(0)); pauser...
[WP-H4] Deleting nft Info can cause users' nft.unpaidRewards to be permanently erased
Lines of code Vulnerability details function withdraw(uint256 nftId, address payable to) external whenNotPaused nonReentrant { address msgSender = _msgSender(); uint256 nftsStakedLength = nftIdsStaked[msgSender].length; uint256 index; for (index = 0; index...
Fee-on-transfer/deflationary tokens cause problems
Lines of code Vulnerability details Some ERC20 tokens, such as USDT, allow for charging a fee any time transfer or transferFrom is called. If a contract does not allow for amounts to change after transfers, subsequent transfer operations based on the original amount will revert due to the contrac...
Can deposit native token for free and steal funds
Lines of code Vulnerability details Impact The depositErc20 function allows setting tokenAddress = NATIVE and does not throw an error. No matter the amount chosen, the SafeERC20Upgradeable.safeTransferFrom(IERC20Upgradeable(tokenAddress), sender, address(this), amount); call will not revert because it...
incentivePool increase is broken
Lines of code Vulnerability details Impact When updating the incentivePool it divides the previous value by BASE_DIVISOR. On each update, the incentivePool basically resets itself to only the increment and loses the previous incentive pool. // @audit divides entire previous incentivePool by...
Wrong formula when add fee incentivePool can lead to loss of funds.
Lines of code Vulnerability details Impact The getAmountToTransfer function of LiquidityPool updates incentivePool[tokenAddress] by adding some fee to it but the formula is wrong and the value of incentivePool[tokenAddress] will be divided by BASE_DIVISOR (10000000000) each time. After just a few time,...
DDOS - csanuragjain
Duplicate of 119
Oracle - csanuragjain
Duplicate of 46
DDOS - throttle
Contained in report. Duplicate of 119
Too many amms - omik
Duplicate of 97
CL - throttle
Duplicate of 46