Lucene search
K
Code423n4Recent

10190 matches found

Code423n4
Code423n4
added 2021/10/13 12:0 a.m.6 views

Summarize your findings for the bug or vulnerability

Handle AC0611 Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Tools Used Recommended Mitigation Steps --- The...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2021/10/13 12:0 a.m.10 views

The formula of number of prizes for a degree is wrong

Handle WatchPug Vulnerability details The formula of the number of prizes for a degree per the document: is: Number of prizes for a degree = 2^bit range^degree - 2^bit range^degree-1 - 2^bit range^degree-2 - ... Should be changed to: Number of prizes for a degree = 2^bit range^degree - 2^bit...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/10/13 12:0 a.m.12 views

Number of prizes math is wrong

Handle cmichel Vulnerability details The math described in Splitting the prizes and implemented in DrawCalculator.numberOfPrizesForIndex seems to be wrong. Assuming a bit range of 4 16 possibilities per position and cardinality of 8. Note that degree is determined by the first position where it...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2021/10/13 12:0 a.m.8 views

commit burn yields wrong amountOut computation

Handle cmichel Vulnerability details The PoolCommitter.commit function first adds the amount to the shadow pool shadowPoolscommitType = shadowPoolscommitType + amount and then computes the amountOut with this updated value already: PoolSwapLibrary.getWithdrawAmountOnBurn IERC20tokens1.totalSupply...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2021/10/13 12:0 a.m.17 views

PoolCommitter.sol#commit() Calculation of amountOut is wrong

Handle WatchPug Vulnerability details else if commitType == CommitType.LongBurn // long burning: pull in long pool tokens from committer // A theoretical amount based on current ratio. Used to get same units as minimumCommitSize uint256 amountOut = PoolSwapLibrary.getWithdrawAmountOnBurn...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/10/13 12:0 a.m.12 views

Deposits don't work with fee-on transfer tokens

Handle cmichel Vulnerability details There are ERC20 tokens that may make certain customizations to their ERC20 contracts. One type of these tokens is deflationary tokens that charge a certain fee for every transfer or transferFrom. Others are rebasing tokens that increase in value over time like...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/10/13 12:0 a.m.18 views

Wrong keeper reward computation

Handle cmichel Vulnerability details The PoolKeeper.keeperReward computation mixes WADs and Quads which leads to issues. 1. Note that keeperTip returns values where 1 = 1%, and 100 = 100%, the same way BASETIP = 5 = 5%. Thus tipPercent = ABDKMathQuad.fromUIntkeeperTip is a Quad value of this keep...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/10/13 12:0 a.m.7 views

Deposits don't work with fee-on transfer tokens

Handle cmichel Vulnerability details There are ERC20 tokens that may make certain customizations to their ERC20 contracts. One type of these tokens is deflationary tokens that charge a certain fee for every transfer or transferFrom. Others are rebasing tokens that increase in value over time like...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/10/13 12:0 a.m.10 views

Miners Can Re-Roll the VRF Output to Game the Protocol

Handle leastwood Vulnerability details Impact Miners are able to rewrite a chain's history if they dislike the VRF output used by the protocol. Consider the following example: A miner or well-funded user is participating in the PoolTogether protocol. A VRF request is made and fulfilled in the sam...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/10/13 12:0 a.m.10 views

uncommit sends tokens to the wrong user

Handle cmichel Vulnerability details The PoolCommitter.uncommit function calls the ILeveragedPoolleveragedPool.quoteTokenTransfer/mintTokens function with msg.sender. But in uncommit's case that's the pool, not the commit owner, see onlyPool modifier on executeAllCommitments which calls uncommit...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/10/13 12:0 a.m.9 views

PoolCommitter.sol#._uncommit() Tokens are not returned to the commit owner

Handle WatchPug Vulnerability details if commit.commitType == CommitType.LongMint || commit.commitType == CommitType.ShortMint // minting: return quote tokens to the commit owner ILeveragedPoolleveragedPool.quoteTokenTransfermsg.sender, commit.amount; else if commit.commitType ==...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/10/10 12:0 a.m.16 views

Basket becomes unusable if everybody burns their shares

Handle kenzo Vulnerability details While handling the fees, the contract calculates the new ibRatio by dividing by totalSupply. This can be 0 leading to a division by 0. Impact If everybody burns their shares, in the next mint, totalSupply will be 0, handleFees will revert, and so nobody will be...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/10/10 12:0 a.m.8 views

Validations

Handle pauliax Vulnerability details Impact function setBondPercentDiv should validate that newBondPercentDiv is not 0, or bondForRebalance will experience division by zero error otherwise. If you want to allow 0 values, then bondForRebalance should accommodate for such a possibility. function...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/10/10 12:0 a.m.8 views

Bonding mechanism allows malicious user to DOS auctions

Handle kenzo Vulnerability details A malicious user can listen to the mempool and immediately bond when an auction starts, without aim of settling the auction. As no one can cancel his bond in less than 24h, this will freeze user funds and auction settlement for 24h until his bond is burned and t...

6.6AI score
Exploits0
Code423n4
Code423n4
added 2021/10/10 12:0 a.m.10 views

mint will always revert

Handle pauliax Vulnerability details Impact Function mint will always fail as it calls mintTo and both functions are nonReentrant. Recommended Mitigation Steps Remove nonReentrant modifier from the mint function as it will be applied in mintTo anyway. --- The text was updated successfully, but...

7AI score
Exploits0
Code423n4
Code423n4
added 2021/10/10 12:0 a.m.10 views

Unnecessary nonReentrant at mint breaks protocol

Handle kenzo Vulnerability details Basket's mint function has nonReentrant modifier. Mint function is only calling mintTo which also has nonReentrant modifier. Impact Nobody can use mint function. Proof of Concept Tools Used Recommended Mitigation Steps Remove nonReentrant from mint. --- The text...

7AI score
Exploits0
Code423n4
Code423n4
added 2021/10/10 12:0 a.m.14 views

Auction bonder can steal user funds if bond block is high enough

Handle kenzo Vulnerability details After an auction has started, as time passes and according to the bondBlock, newRatio which starts at 2ibRatio gets smaller and smaller and therefore less and less tokens need to remain in the basket. This is not capped, and after a while, newRatio can become...

6.7AI score
Exploits0
Code423n4
Code423n4
added 2021/10/10 12:0 a.m.6 views

Fee on transfer tokens do not work within the protocol

Handle tensors Vulnerability details Fee on transfer tokens transfer less tokens in than what would be expect. This means that the protocol request incorrect amounts when dealing with these tokens. The protocol should use stored token balances instead of transfer for calculating amounts. --- The...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/10/10 12:0 a.m.12 views

If newRatio > ibRatio after a settlement the protocol could lose its funds.

Handle tensors Vulnerability details Suppose that after a certain settleAuction call we have that newRatio ibRatio. I don't see any reason why this couldn't be possible, going through the math and solving for this condition we can see that: if b ibRatio then newRatio ibRatio assuming...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/10/10 12:0 a.m.5 views

createBasket re-entrancy

Handle pauliax Vulnerability details Impact function createBasket in Factory should also be nonReentrant as it interacts with various tokens inside the loop and these tokens may contain callback hooks. Recommended Mitigation Steps Add nonReentrant modifier to the declaration of createBasket. ---...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/10/10 12:0 a.m.11 views

Basket.sol#mint() Malfunction due to extra nonReentrant modifier

Handle WatchPug Vulnerability details function mintuint256 amount public nonReentrant override mintToamount, msg.sender; function mintTouint256 amount, address to public nonReentrant override requireauction.auctionOngoing == false; The mint method is malfunction because of the extra nonReentrant...

7AI score
Exploits0
Code423n4
Code423n4
added 2021/10/09 12:0 a.m.8 views

Denial of Service in Basket.mint()

Handle pants Vulnerability details The function Basket.mint calls Basket.mintTo, but both Basket.mint and Basket.mintTo use the nonReentrant modifier. Impact The function Basket.mint will always revert when it calls Basket.mintTo, due to reentrancy. Tool Used Manual code review. Recommended...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2021/10/09 12:0 a.m.12 views

Setting Factory.bondPercentDiv to zero cause Denial of Service in Auction.bondForRebalance()

Handle pants Vulnerability details The function Factory.setBondPercentDiv allows the owner to set the state variable Factory.bondPercentDiv to zero. Impact If Factory.bondPercentDiv equals zero then the function Auction.bondForRebalance will always revert due to a division by zero: bondAmount =...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2021/10/09 12:0 a.m.9 views

Setting Factory.auctionDecrement to zero causes Denial of Service in Auction.settleAuction()

Handle pants Vulnerability details The function Factory.setAuctionDecrement allows the owner to set the state variable Factory.auctionDecrement to zero. Impact If Factory.auctionDecrement equals zero then the function Auction.settleAuction will always revert due to a division by zero: uint256 b =...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2021/10/06 12:0 a.m.9 views

Wrong index when accessing incentives

Handle pauliax Vulnerability details Impact Should be incentiveId, not positionId here: Incentive memory incentive = incentivespoolpositionId; Recommended Mitigation Steps Incentive memory incentive = incentivespoolincentiveId; --- The text was updated successfully, but these errors were...

7AI score
Exploits0
Code423n4
Code423n4
added 2021/10/06 12:0 a.m.12 views

Incentive should check that it hasn't started yet

Handle cmichel Vulnerability details The ConcentratedLiquidityPoolManager.addIncentive function can add an incentive that already has a non-zero incentive.secondsClaimed. Impact Rewards will be wrong. Recommended Mitigation Steps Add a check: requireincentive.secondsClaimed == 0, "!secondsClaimed...

7AI score
Exploits0
Code423n4
Code423n4
added 2021/10/06 12:0 a.m.6 views

Integer underflow error in claimReward of ConcentratedLiquidityPoolManager

Handle broccoli Vulnerability details Impact The claimReward function of ConcentratedLiquidityPoolManager calculates the secondsUnclaimed variable using a formula with an unclear intention: uint256 secondsUnclaimed = maxTime - incentive.startTime 128 - incentive.secondsClaimed; This formula cause...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/10/06 12:0 a.m.8 views

Unsafe handling of underlying tokens

Handle 0xsanson Vulnerability details Impact Not every ERC20 token follows OpenZeppelin's recommendation. It's possible inside ERC20 standard that a transferFrom doesn't revert upon failure but returns false. The code doesn't check these return values. For example uToken.transferFrommsg.sender,...

7AI score
Exploits0
Code423n4
Code423n4
added 2021/10/06 12:0 a.m.9 views

ConcentratedLiquidityPoolHelper.getTickState reverts

Handle cmichel Vulnerability details ConcentratedLiquidityPoolHelper.getTickState allocates only tickCount elements for the ticks array. But the while loop iterates over all ticks of the pool which can potentially become very large, much larger than any tickCount could iterate in a reasonable tim...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/10/06 12:0 a.m.16 views

Can reclaim the same incentive multiple times

Handle pauliax Vulnerability details Impact function reclaimIncentive can be invoked more than once for the same incentiveId. If there were multiple incentives for the same token it would allow to drain these tokens by repeatedly calling reclaimIncentive. Recommended Mitigation Steps Simple...

7AI score
Exploits0
Code423n4
Code423n4
added 2021/10/06 12:0 a.m.13 views

unchecked return value from approve()

Handle JMukesh Vulnerability details Impact contract uses an ERC20.approve call but does not check the success return value. Some tokens do not revert if the approval failed, returning false instead. The impact is that, tokens that don’t actually perform the approve and return false are still...

7AI score
Exploits0
Code423n4
Code423n4
added 2021/10/06 12:0 a.m.9 views

Swivel.sol transfer of tokens in initiateZcTokenFillingZcTokenExit and initiateVaultFillingVaultExit can fail without reverting causing account problems

Handle GalloDaSballo Vulnerability details Impact initiateZcTokenFillingZcTokenExit and initiateVaultFillingVaultExit in Swivel.sol are using transferFrom This function call can fail meaning the tokens are not transferred without causing a revert This would break the accounting in the protocol I...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/10/06 12:0 a.m.8 views

Unhandled return value of ERC20 transfer/transferFrom

Handle 0xRajeev Vulnerability details Impact For reference, see similar Medium-severity finding from Consensys Diligence Audit of Aave Protocol V2: As stated in the above finding: “ERC20 implementations are not always consistent. Some implementations of transfer and transferFrom could return...

7AI score
Exploits0
Code423n4
Code423n4
added 2021/10/06 12:0 a.m.12 views

lack of access modifier in mintReturn()

Handle JMukesh Vulnerability details Impact Due to lack of access modifier in mintReturn , any malicious actor can set its value to false due which function which will call mintaddress f, uint256 a will always fail which include: custodialInitiate mintZcTokenAddingNotional Proof of Concept Tools...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/10/06 12:0 a.m.11 views

unchecked return value from Transfer/TransferFrom()

Handle JMukesh Vulnerability details Impact The ERC20.transfer and ERC20.transferFrom functions return a boolean value indicating success. This parameter needs to be checked for success. Some tokens do not revert if the transfer failed but return false instead. Proof of Concept Tools Used manual...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/10/06 12:0 a.m.6 views

Markets Do Not Operate Correctly on Non-Standard Tokens

Handle leastwood Vulnerability details Impact There are a number of functions which interact with uToken in Swivel.sol but do not check the return value of the associated transfer, approve or transferFrom call. As a result, if a market is created using a non-standard token, a failed call will be...

7AI score
Exploits0
Code423n4
Code423n4
added 2021/10/06 12:0 a.m.9 views

Admin can abuse onlySwivel

Handle 0xsanson Vulnerability details Impact In MarketPlace.sol, admin can change the swivel address at any time. A malicious admin can abuse this by setting swivel to his personal address. Then they can call some functions like p2pZcTokenExchange and p2pVaultExchange to steal zc-tokens and...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/10/06 12:0 a.m.15 views

fee-on-transfer underlying can cause problems

Handle 0xsanson Vulnerability details Impact The current implementation doesn't work with fee-on-transfer underlying tokens. Considering that Compound can have these kind of tokens ex. USDT can activate fees, this issue can affect the protocol. The problem arise when transferring tokens, basicall...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/10/06 12:0 a.m.8 views

Creating the same market shouldn't be possible

Handle 0xsanson Vulnerability details Impact Only an admin can create a market by calling MarketPlace.createMarket. With the current implementation, it's possible to create another market with the same underlying u and maturity m. Doing so would rewrite marketsum with a new ZcToken and...

7.1AI score
Exploits0
Code423n4
Code423n4
added 2021/10/06 12:0 a.m.12 views

ConcentratedLiquidityPosition.sol#collect() Users may get double the amount of yield when they call collect() before burn()

Handle WatchPug Vulnerability details When a user calls ConcentratedLiquidityPosition.solcollect to collect their yield, it calcuates the yield based on position.pool.rangeFeeGrowth and position.feeGrowthInside0, position.feeGrowthInside1: When there are enough tokens in bento.balanceOf, it will...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/10/06 12:0 a.m.10 views

ConcentratedLiquidityPoolManager uses wrong index for incentive

Handle cmichel Vulnerability details The ConcentratedLiquidityPoolManager uses the positionId as an index for incentivespoolpositionId when it should be incentiveId instead: // @audit should be Incentive memory incentive = incentivespoolincentiveId; Incentive memory incentive =...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/10/06 12:0 a.m.10 views

## ConcentratedLiquidityPoolManager.sol Wrong implementation of claimReward() and getReward()

Handle WatchPug Vulnerability details ConcentratedLiquidityPoolManager.sol Wrong implementation of claimReward and getReward Given incentive.secondsClaimed can usually be larger than 128, both claimReward and getReward will revert at: uint256 secondsUnclaimed = maxTime - incentive.startTime --- T...

7AI score
Exploits0
Code423n4
Code423n4
added 2021/10/06 12:0 a.m.11 views

ConcentratedLiquidityPoolManager's incentives can be stolen

Handle cmichel Vulnerability details The ConcentratedLiquidityPoolManager keeps all tokens for all incentives in the same contract. The reclaimIncentive function does not reduce the incentive.rewardsUnclaimed field and thus one can reclaim tokens several times. This allows anyone to steal all...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/10/06 12:0 a.m.9 views

Wrong subtraction from reserve in burn

Handle pauliax Vulnerability details Impact function burn should subtract amount0 and amount1, not only fees from reserve0 and reserve1 here as whole amounts are withdrawn: reserve0 -= uint128amount0fees; reserve1 -= uint128amount1fees; Recommended Mitigation Steps reserve0 -= uint128amount0;...

7AI score
Exploits0
Code423n4
Code423n4
added 2021/10/06 12:0 a.m.6 views

Unsafe cast in ConcentratedLiquidityPool burn leads to attack

Handle cmichel Vulnerability details The ConcentratedLiquidityPool.burn function performs an unsafe cast of a uint128 type to a signed integer. uint256 amount0fees, uint256 amount1fees = updatePositionmsg.sender, lower, upper, -int128amount; Note that amount is chosen by the caller and when...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/10/06 12:0 a.m.9 views

Signature check passes for maker=0 orders

Handle cmichel Vulnerability details It's possible to choose the zero address for the maker of an order. Then any signature will pass the validOrderHash check. Impact This doesn't lead to any serious issues as the zero address does not have any approvals set of its own. The transactions will fail...

7AI score
Exploits0
Code423n4
Code423n4
added 2021/10/06 12:0 a.m.8 views

Market can be overwritten

Handle cmichel Vulnerability details The MarketPlace.createMarket function does not check if a market already exists for the underlying, maturity pair. Impact Existing markets can be overwritten and the old zt and n tokens will lose their association to the market. Recommended Mitigation Steps Ad...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/10/06 12:0 a.m.11 views

ConcentratedLiquidityPoolHelper: getTickState() might run out of gas

Handle hickuphh3 Vulnerability details Impact getTickState attempts to fetch the state of all inserted ticks including MINTICK and MAXTICK of a pool. Depending on the tick spacing, this function may run out of gas. Recommended Mitigation Steps Have a starting index parameter to start the iteratio...

6.8AI score
Exploits0
Code423n4
Code423n4
added 2021/10/06 12:0 a.m.7 views

burn do not burn reserve

Handle broccoli Vulnerability details burn do not burn reserve Impact ConcentratedLiquidityPool.solL263-L266 The dev mistakenly write: reserve0 -= uint128amount0fees; reserve1 -= uint128amount1fees; It should be reserve0 -= uint128amount0fees; reserve1 -= uint128amount1fees; Other users can't min...

6.9AI score
Exploits0
Code423n4
Code423n4
added 2021/10/06 12:0 a.m.13 views

DDOS by cancelling orders or removing approvals

Handle cmichel Vulnerability details The market assumes that the maker of an order approved the swivel contract as there are many calls that move funds from the maker to the contract, see Swivel.initiateVaultFillingZcTokenInitiate/initiateZcTokenFillingVaultInitiate: uToken.transferFromo.maker,...

6.7AI score
Exploits0
Total number of security vulnerabilities10190