10190 matches found
Support of deflationary / rebasing tokens
Handle pauliax Vulnerability details Impact Deflationary fee on transfer / rebasing tokens are not supported. Because anyone can createPromotion with an arbitrary token, such tokens may be lost forever. Recommended Mitigation Steps Consider checking the actual amounts transferred balance...
A malicious ticket can drain the tokens
Handle pauliax Vulnerability details Impact Anyone can createPromotion with any arbitrary ticket, supposing it follows the proposed interface. Thus, it is possible to create a promotion with a malicious ticket that returns arbitrary values for getAverageBalanceBetween and...
TwabRewards: cancelPromotion() can revert if a promotion token applies a fee on transfer
Handle GiveMeTestEther Vulnerability details Impact If the promotion token applies transfer fees, the total amount the contract holds will be less than "tokensPerEpoch * numberOfEpochs" because a part of this amount is the fee = funds + fee, but only the "funds" can be withdrawn. If after each epoch al...
Possibility to drain TwabRewards smart contract tokens
Handle kemmio Vulnerability details Impact Possibility to drain all smart contract assets abusing rogue ticket contract Proof of Concept The vulnerability arises because of inconsistent check of requireTicket in createPromotion requireTicketticket; function requireTicketaddress ticket internal vi...
Drain the award pool by feeding out-of-range epoch into function claimRewards
Handle 0xabc Vulnerability details Impact In function claimRewards, there is no checking on value in epochIds. Exploiter can claim more than the promotion award by calling the function with out-of-range epochs. Proof of Concept Consider a promotion with promotion id X and numberOfEpochs = Y. Exploiter...
Unsafe uint64 casting may overflow
Handle sirhashalot Vulnerability details Impact The calculateRewardAmount function casts epoch timestamps from uint256 to uint64 and these may overflow. The epochStartTimestamp value is a function of the user-supplied epochId value, which could be extremely large up to 2^255 – 1. While Solidity...
getRemainingRewards might fail unexpectedly
Handle certora Vulnerability details getRemainingRewards might fail unexpectedly. getRemainingRewards calls getRemainingRewards which calls getCurrentEpochId: function getCurrentEpochIdPromotion memory promotion internal view returns uint256 // elapsedTimestamp / epochDurationTimestamp return...
cancelPromotion() Unable to cancel unstarted promotions
Handle WatchPug Vulnerability details For unstarted promotions, cancelPromotion will revert at block.timestamp - promotion.startTimestamp in getCurrentEpochId. Call stack: cancelPromotion - getRemainingRewards - getCurrentEpochId. function getRemainingRewardsPromotion memory promotion internal vi...
cancelPromotion will revert if the promotion is not started yet
Handle certora Vulnerability details cancelPromotion might fail unexpectedly. cancelPromotion calls getRemainingRewards which calls getCurrentEpochId: function getCurrentEpochIdPromotion memory promotion internal view returns uint256 // elapsedTimestamp / epochDurationTimestamp return...
getRemainingRewards() Malfunction for unstarted promotions
Handle WatchPug Vulnerability details For unstarted promotions, cancelPromotion will revert at block.timestamp - promotion.startTimestamp in getCurrentEpochId. Call stack: getRemainingRewards - getRemainingRewards - getCurrentEpochId. function getCurrentEpochIdPromotion memory promotion internal...
Large _epochId value impacts rewards calculation
Handle sirhashalot Vulnerability details Impact The epochId value is a uint256 that can be provided by the user in the epochIds array in the important claimRewards and getRewardsAmount functions. The epochId value should be between 0 and 255, as evidenced by the bit shifting of a uint256 type in...
After a promotion is cancelled, not claimed rewards are stuck
Handle 0x0x0x Vulnerability details After a promotion is cancelled using cancelPromotion, not awarded rewards for remaining epochs are sent to an address given by promotion creator. Awarded rewards not claimed by users stay in the contract. Since the promotion is deleted from promotions, users...
Suggestion : To add explicit check for no of epochs to be 255 in createPromotion and extendPromotion
Handle 0x421f Vulnerability details So we are using uint256 to store 1/0 if that epoch is being claimed or not uint2561 is our base, so 255 is max limit we have now if someone creates a promotion with 255 epochs in epochs 255 , it will revert with "TypeError : Invalid Rational Number" Copied from...
Can drain any promotion rewards
Handle gzeon Vulnerability details Impact There are no checks to make sure epochId const promotionId = 1; const wallet2Amount = toWei'750'; const wallet3Amount = toWei'250'; await ticket.mintwallet2.address, wallet2Amount; await ticket.connectwallet2.delegatewallet2.address; await...
Dust Token Balances Cannot Be Claimed By An admin Account
Handle leastwood Vulnerability details Impact Users who have a small claim on rewards for various promotions, may not feasibly be able to claim these rewards as gas costs could outweigh the sum they receive in return. Hence, it is likely that a dust balance accrues over time for tokens allocated f...
Can drain any promotion rewards with an evil ticket
Handle gzeon Vulnerability details Impact TwabRewards checks legitimacy of ticket by checking if the ticket has a controller method. function requireTicketaddress ticket internal view requireticket != address0, "TwabRewards/ticket-not-zero-address"; bool succeeded, bytes memory data =...
Possibility to drain SavingsAccount contract assets
Handle kemmio Vulnerability details Impact A malicious actor can manipulate switchStrategy function in a way to withdraw tokens that are locked in SavingsAccount contract the risk severity should be reviewed Proof of Concept Firstly an attacker needs to deploy a rogue strategy contract implementin...
getRewardsAmount doesn't check epochs haven't been claimed
Handle harleythedog Vulnerability details Impact In ITwabRewards.sol, it is claimed that getRewardsAmount should account for epochs that have already been claimed, and not include these epochs in the total amount indeed, there is a line that says @dev Will be 0 if user has already claimed rewards...
StartTimestamp is not checked
Handle defsec Vulnerability details Impact When the promotion is created, the promotion.startTimestamp variable can be a very old date. That will affect the epoch calculation. Proof of Concept 1. Navigate to the following contract code. promotionsnextPromotionId = Promotion msg.sender, ticket...
AaveYield: Misspelled external function name making functions fail
Handle 0xngndev Vulnerability details Impact In AaveYield.sol the functions: liquidityToken withdrawETH depositETH Make a conditional call to IWETHGatewaywethGateway.getAWETHAddress This function does not exist in the wethGateway contract, causing these functions to fail with the error "Fallback n...
Change in auctionMultiplier/auctionDecrement change profitability of auctions and factory can steal all tokens from a basket abusing it
Handle 0x0x0x Vulnerability details When factory changes auctionMultiplier or auctionDecrement profitability of bonded auctions change. There is no protection against this behaviour. Furthermore, factory owners can decide to get all tokens from baskets where they are bonded for the auction. Proof...
Fee calculation is slightly off
Handle gzeon Vulnerability details Impact The fee calculation uint256 timeDiff = block.timestamp - lastFee; uint256 feePct = timeDiff licenseFee / ONEYEAR; uint256 fee = startSupply feePct / BASE - feePct; tries to calculate a fee such that fee/supply+fee = %fee using a simple interest formula i....
Basket:handleFees(): fees are overcharged
Handle GiveMeTestEther Vulnerability details Impact The fee calculation is based on the totalSupply of the basket token. But some amount of the totalSupply represents the fees paid to the publisher/ protocol owner. Therefore the fees are "overcharged": because the fee amount is calculated on a pa...
Promotion creator can't cancel promotion before it has begun
Handle kenzo Vulnerability details If a promotion creator has created a promotion for the future, and decides to cancel it, he can not do so due to an underflow in a calculation. Impact Promotion creator funds will be locked until promotion begins. Proof of Concept Promotion's startTimestamp is...
Missing cap on LicenseFee
Handle gzeon Vulnerability details Impact There is no cap on LicenseFee. While change of LicenseFee is under 1 day timelock, introducing a maxLicenseFee can improve credibility by removing the "rug" vector. There is a minLicenseFee in the contracts, while imo make little sense to have minLicenseF...
Multiple initialization of Collateral contract
Handle 0x1f8b Vulnerability details Impact The attacker can initialize the contract, take malicious actions, and allow it to be re-initialized by the project without any error being noticed. Proof of Concept The initialize method of the Collateral contract does not contain the initializer...
Basket.sol#publishNewIndex() Lack of input validation may cause fund loss to anyone who bonds an auction
Handle WatchPug Vulnerability details According to the newRatio formula in settleAuction, the maximum value of newRatio is factory.auctionMultiplier basket.ibRatio. However, since there is no validation for the value of minIbRatio when setting it, if the publisher publishes a newIndex with...
Auction.sol#settleAuction() Bonder may not be able to settle a bonded auction, leading to loss of funds
Handle WatchPug Vulnerability details uint256 a = factory.auctionMultiplier basket.ibRatio; uint256 b = bondBlock - auctionStart BASE / factory.auctionDecrement; uint256 newRatio = a - b; address memory pendingTokens, uint256 memory pendingWeights, uint256 minIbRatio = basket.getPendingWeights;...
Publisher can scam users by changing license fees and using auction to freeze user funds
Handle 0x0x0x Vulnerability details Publisher can call changeLicenseFee to change fees. There is no maximum cap for this parameter. At first glance, because there is a timelock period of 1 day, the users have enough time to react. But if the publisher can start an auction and bondForRebalance. Th...
Reentrancy vulnerability in Basket contract's initialize() method.
Handle broccolirob Vulnerability details A malicious "publisher" can create a basket proposal that mixes real ERC20 tokens with a malicious ERC20 token containing a reentrancy callback in its approve method. When the initialize method is called on the newly cloned Basket contract, a method calle...
divide-before-multiply
Handle 0v3rf10w Vulnerability details Impact divide-before-multiply can lead to miscalculation of fees in below function Proof of Concept Vulnerable Function : Basket.handleFeesuint256 Basket.sol133-153 : uint256 feePct = timeDiff licenseFee / ONEYEAR; uint256 fee = startSupply feePct / BASE -...
Basket.sol#auctionBurn calculates ibRatio wrong
Handle 0x0x0x Vulnerability details The function is implemented as follows: function auctionBurnuint256 amount onlyAuction nonReentrant external override uint256 startSupply = totalSupply; handleFeesstartSupply; burnmsg.sender, amount; uint256 newIbRatio = ibRatio startSupply / startSupply -...
Basket can be fully drained if the auction is settled within a specific block
Handle Ruhum Vulnerability details Impact The settleAuction function allows someone to settle the auction by transferring funds in a way that the new pending index is fulfilled. As a reward, they are able to take out as many tokens as they want as long as the pending index is fulfilled after that...
Wrong fee calculation after totalSupply was 0
Handle kenzo Vulnerability details handleFees does not update lastFee if startSupply == 0. This means that wrongly, extra fee tokens would be minted once the basket is resupplied and handleFees is called again. Impact Loss of user funds. The extra minting of fee tokens comes on the expense of the...
Wrong emergencyWithdraw logic
Handle 0x1f8b Vulnerability details Impact The contract doesn't work as expected. Proof of Concept The method, emergencyWithdraw inside the contract yield/NoYield doesn't work as expected, the transfer was done with received value, and it should be done with amount, so the emergencyWithdraw never...
Missing SafeApprove(0)
Handle sirhashalot Vulnerability details There are instances where the SafeApprove function is called only once without setting the allowance to zero. Some tokens, like USDT, require first reducing the address' allowance to zero by calling approvespender, 0. Additionally, the comment before the...
Publisher can lock all user funds in the Basket in order to force a user to have their bond burned
Handle TomFrenchBlockchain Vulnerability details Impact All user funds in a basket being held hostage by the publisher Proof of Concept The Basket publisher can propose an auction in order to set new tokens and weights with a 1 day timelock. As part of this call they can set the minIbRatio variab...
Lost fees due to precision loss in fees calculation
Handle kenzo Vulnerability details In fees calculation, division is being used in the midst of the calculation, not at the end of it. This leads to lost precision in fee amount as Solidity doesn't save remainder of division. Division should happen at the end to maintain precision. Impact Lost fee...
Unsafe implementation of fundLoan() allows attacker to steal collateral from an unfunded loan
Handle WatchPug Vulnerability details uint256 treasuryFee = fundsLent ILenderLikelender.treasuryFee paymentInterval paymentsRemaining / uint256365 days 10000; // Transfer delegate fee, if any, to the pool delegate, and decrement drawable funds. uint256 delegateFee = fundsLent...
tokenWhitelist might break if removeFromTokenWhitelist is called multiple times with the same token
Handle gzeon Vulnerability details Impact In removeFromTokenWhitelist of ProtocolGovernance, numberOfValidTokens is decreased by 1 if addr is in tokenEverAdded. There is no check if the addr is still in the whitelist and therefore numberOfValidTokens can be repeatedly decreased to 0 by calling...
IsContract Function Usage
Handle defsec Vulnerability details Impact The isContract function that uses EXTCODESIZE was discovered to be hackable. The function will return false if it is invoked from a contract's constructor because the contract has not been deployed yet. The code should be used very carefully, if at all, ...
AaveVault is vulnerable to flashloan sandwich attack
Handle WatchPug Vulnerability details In the current implementation of AaveVault, tvl is only updated after each deposit/withdraw, which means unclaimed yields won't be included in tvl until someone deposits/withdraws, making it vulnerable to flashloan sandwich attack that steals pending yields. Po...
Governor can steal funds from vaults
Handle 0x0x0x Vulnerability details reclaimTokens function is as follows function reclaimTokensaddress to, address memory tokens external nonReentrant requirenft 0, ExceptionsLibrary.INITIALIZATION; IProtocolGovernance governance = vaultGovernance.internalParams.protocolGovernance; bool...
YearnVault.sol#pull() will most certainly fail
Handle WatchPug Vulnerability details for uint256 i = 0; i balance yTokenAmount = balance; if yTokenAmount == 0 continue; yToken.withdrawyTokenAmount, to, maxLoss; tokenAmountsi, addressthis; actualTokenAmounts = tokenAmounts; The actual token withdrawn from yToken.withdraw will most certainly be...
Bad redirects can make it impossible to deposit & withdraw
Handle cmichel Vulnerability details The GatewayVault.push function gets redirects from the strategyParams. If redirectsi = j, vault index i's deposits are redirected to vault index j. Note that the deposits for vault index i are cleared, as they are redirected: for uint256 j = 0; j The same is...
Unlimited allowances let anyone move funds to child vaults
Handle 0x0x0x Vulnerability details A malicious attacker can move someone's funds between their vaults, since max allowances are given. As a consequence, a malicious user can block activities such as reclaimTokens. Although, funds are not directly stolen, it is possible to revert transactions of...
ChiefTrader.sol Wrong implementation of swapExactInput() and swapExactOutput()
Handle WatchPug Vulnerability details When a caller calls ChiefTrader.solswapExactInput, it will call ITradertraderAddress.swapExactInput. return ITradertraderAddress.swapExactInput0, amount, recipient, path, options; However, in the current implementation, inputToken is not approved to the...
Basket publisher can raise licenseFee in an unbounded fashion, stealing other users' tokens
Handle TomFrenchBlockchain Vulnerability details Impact Publisher can make licenseFee arbitrarily large and then steal any funds remaining in the basket after 1 day. Proof of Concept On minting or burning basket tokens the handleFees function is called. This mints a number of basket tokens to the...
Anyone can call closeLoan() to close the loan
Handle WatchPug Vulnerability details function closeLoanuint256 amount external override returns uint256 principal, uint256 interest // The amount specified is an optional amount to be transfer from the caller, as a convenience for EOAs. requireamount == uint2560 ||...
UniswapV3's path issue for swapExactOutput
Handle cmichel Vulnerability details UniswapV3 expects a path object like tokenA, feeAB, tokenB, feeBC, tokenC. The UniV3Trader.swapExactOutput code tries to reverse this path to get to tokenC, feeBC, tokenB, feeAB, tokenA but that's not what the reverseBytes function does. Note that it reverts t...