Lucene search

10190 matches found

Code423n4
added 2023/10/04 12:0 a.m., 7 views

Wrong estimation of _incomeDistributionYearly

Lines of code Vulnerability details Impact Incorrect estimation of incomeDistributionYearly due to an uncertain assumption, leading to wrong APR estimation. Proof of Concept ... uint256 totalIncomePerBlockFromPLP = IPrimeLiquidityProviderprimeLiquidityProvider...

AI score: 7
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 12 views

Prime.sol : Incorrect decimal scaling

Lines of code Vulnerability details Impact Incorrect computation of the capital variable due to an incorrect decimal scaling. This directly impacts the computation of user's score. PoC The function calculateScore calculates the score for a given user and a given market. One of the core variables ...

AI score: 7.2
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 9 views

Potential Fund Compromise via Malicious Token Insertion

Lines of code Vulnerability details Impact Since any token can be sent to the PrimeLiquidityProvider contract there is a great chance of an attacker sending a scam token with some legit value in it to lure the owner making him sweep those tokens and by doing so compromising the whole contract's...

AI score: 7
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 6 views

User scores can be wrong due to wrong scaling of the Capital.

Lines of code Vulnerability details Impact In the prime.sol contract, the function CalculateScore is used to calculate and scale the capital using 1e18 as the SCALEFACTOR. The capital is then used to call CalculateScore in Score.sol to calculate the score. The problem here is that using 1e18 as t...

AI score: 6.9
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 7 views

User Score Not Updated During Interest Claim, Leading to Incorrect Interest Calculations

Lines of code Vulnerability details Impact This oversight in the contract logic may lead to incorrect interest calculations for users. Specifically, if a user's balance or the factors contributing to the score changes between interest accruals due to actions outside of staking more tokens, the...

AI score: 7.1
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 10 views

functions in FixedMath.sol directly converting uint256 arguments to int256 which may overflow

Lines of code Vulnerability details Impact functions in FixedMath.sol directly converting uint256 arguments to int256 which may overflow or return unexpected values Proof of Concept functions in FixedMath.sol like uintDiv , uintMul , toFixed directly converting its arguments from uint256 to int25...

AI score: 7.3
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 9 views

No zero address check in PrimeLiquidityProvider.sol:sweepTokens

Lines of code Vulnerability details Impact Possible loss of funds due to sending them to the address0, the developer's assumption is that safeTransfer is checking for to not being the address0. In reality, it doesn’t implement such a check and we can see from the implementation of the function:...

AI score: 7.2
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 3 views

Incorrect Score calculation in Prime.sol

Lines of code Vulnerability details Impact Score is not calculated correctly; improperly high weight will be given to the staked XVS amount or the supply/borrow amount. Rewards accrued will not be properly calculated, so users may accrue too much or too little reward. Proof of Concept...

AI score: 7
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 11 views

BLOCKS_PER_YEAR in Prime.sol should vary depending on leap and non-leap year

Lines of code Vulnerability details Impact Since BLOCKS_PER_YEAR is used for calculating the total income that's going to be distributed in a year to prime token holders in the function incomeDistributionYearly, an inadequate non-zero value for BLOCKS_PER_YEAR in terms of chain and/or leap/non-leap...

AI score: 7.2
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 4 views

Users can use flashloans to get higher share of accrued token

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Users' vtoken balance is one of the factors to determine their score. Malicious users can just use some flashloan services that offer these vtokens to boost their balance temporarily, hence boosting the...

AI score: 7.2
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 9 views

Irrevocable token holders can instantly mint a revocable token after burning and bypass the minimum XVS stake for revocable tokens

Lines of code Vulnerability details Impact When an irrevocable token is burned by the admin, the holder should go through the 90 day staking period again before accruing rewards. However, the holder can exploit the protocol to immediately begin accruing rewards after burning. Furthermore, the...

AI score: 6.9
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 4 views

Lack of Access Control for Critical Functions

Lines of code Vulnerability details Impact Several critical functions within the Prime contract lack proper access control mechanisms. These functions handle sensitive operations, making the contract vulnerable to unauthorized access and potential exploits. Proof of Concept Tools Used Manual...

AI score: 7
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 5 views

A malicious user can reduce a staker's rewards

Lines of code Vulnerability details Impact A user's interest is accrued through the executeBoost function, which calls interestAccrued which performs calculations on how much the user has accrued. Said calculations are made by subtracting the user's rewardIndex from the current market rewardIndex...

AI score: 7.1
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 11 views

function 'accrueInterest(address vToken)' allows too many rewards to be allocated

Lines of code Vulnerability details Impact Malicious users can increase the number of rewards they receive within a block. Proof of Concept In the Prime contract, marketsvToken.rewardIndex is used to determine how many rewards are allocated to Prime token holders, and its value can only be change...

AI score: 6.9
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 6 views

XVSVault implementation cannot be upgraded due to lack of proper mechanism

Lines of code Vulnerability details Summary The XVSVault is expected to be upgradeable in context of xvs staked for claim to venus prime token. The XVSVault will be updated in the Prime.sol with the initialize function. Impact The Prime.sol cannot be upgraded as clearly mentioned in the scoping...

AI score: 7.2
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 5 views

Update score system can be bricked

Lines of code Vulnerability details Impact The updateScores function is used to manually update users' scores, developers have shared their reasoning of this in the documentation. Any change in the alpha and the multipliers will unbalance the reward system because the change cannot be propagated to...

AI score: 6.9
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 5 views

Users can claim double the interest than they are supposed to.

Lines of code Vulnerability details Impact A malicious user can claim double the amount of interest by calling accrueInterestAndUpdateScore function before calling claimInterest function. This can result in direct loss of funds for the protocol and hence the high severity. Proof of Concept 1. The...

AI score: 7
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 6 views

Staking period reset to zero

Lines of code Vulnerability details Impact The claim function checks if the user has staked 1,000 XVS for 100 days and then sets stakedAtmsg.sender = 0. Meaning, it sets the staked period for that certain user to zero. Then, it calls the mint function. The mint function then checks if the user alrea...

AI score: 7
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 8 views

Underlying tokens are stuck in the Prime contract due to roundings, which has been exacerbated by the multiplication.

Lines of code Vulnerability details Impact Underlying tokens are stuck in the Prime contract due to rounding, which has been exacerbated by the multiplication. Proof of Concept In the accrueInterest function, the value of the new market index marketsvToken.rewardIndex will be rounded down since t...

AI score: 7
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 11 views

underflow possible with sufficiently large capital and sufficiently low alpha

Lines of code Vulnerability details Impact An underflow is possible when a sufficiently large capital is coupled with an adequately low alpha value. This scenario may trigger unanticipated behaviors, resulting in the unforeseen failure of transactions, undermining the integrity and reliability of...

AI score: 7.2
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 9 views

calculateAPR and estimateAPR may return invalid results

Lines of code Vulnerability details Impact The capitalForScore function in the Prime contract calculates the capital for calculation of score using a price oracle. The function is called three times inside of the contract, where only in the calculateScore is the oracle updated using the following...

AI score: 7
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 10 views

updateScore() is vulnerable to flashloan manipulation

Lines of code Vulnerability details Impact vToken.balanceOfuser can be manipulated by doing some flash loan of vToken. Proof of Concept A flash loan attack is a type of exploit that takes advantage of the fact that flash loans are uncollateralized and do not require a credit check. In a flash loan...

AI score: 7
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 7 views

Single Failure in claim() Reverts Entire Transaction

Lines of code Vulnerability details Impact When the claim function is called it calls internally initializeMarketsmsg.sender which then loops through the whole market and other functions involving the user passed as parameter, the problem is that if one single thing fails everything will fail and...

AI score: 7.1
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 9 views

An irrevocable prime token holder can claim a revocable token after burning the initial one

Lines of code Vulnerability details Bug Description Here's the step-by-step description of this issue: 1. A user depositsXVSVault.deposit 10,000 XVS tokens for a certain period e.g., 90 days. 2. ACM issuesPrime.issue an irrevocable prime token to the user. 3. The user...

AI score: 7.1
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 4 views

A malicious user can avoid unfavorable score updates after alpha/multiplier changes, resulting in accrual of outsized rewards for the attacker at the expense of other users

Lines of code Vulnerability details Note All functions/properties referred to are in the Prime.sol contract. Impact A malicious user can accrue outsized rewards at the expense of other users after updateAlpha or updateMultipliers is called. Proof of Concept An attacker can prevent their score fro...

AI score: 7
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 8 views

Gas Limit Issues/DoS with Block Gas Limit

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Iterating through the users array without a limitation might cause the function to consume a lot of gas, especially when the array size is large. It may potentially reach the block gas limit and get...

AI score: 7
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 7 views

accrueTokens() may truncate user accrual amounts unfairly

Lines of code Vulnerability details Impact High, as this could result in users not receiving rewards they have earned. Any truncation or unfair distribution can erode trust in the protocol, leading to potential dissatisfaction among users and participants. Proof of Concept Take a look at...

AI score: 6.7
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 5 views

Prime.sol currently miscalculates the duration users have already staked, which breaks multiple core functions.

Lines of code Vulnerability details Summary A wrong assumption is currently being made regarding the time taken to mine a block in all chains where the protocol will be deployed this is cause multiple core functions inappropriately equate block per year to seconds per year. Impact The impact is...

AI score: 6.9
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 4 views

Missing of the distribution state updating

Lines of code Vulnerability details Impact The getEffectiveDistributionSpeed can return incorrect information. It can return distributionSpeed but the accrueTokens function will increase tokenAmountAccruedtoken only for the difference between token.balanceOfaddressthis and tokenAmountAccruedtoken...

AI score: 7.1
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 5 views

Potential Blacklisting from Accepting Tainted Tokens

Lines of code Vulnerability details Impact The contract can store practically any token, the problem is that some tokens have to be compliant with authorities and because of that they can and probably will add the contract's address to their blacklist if any tainted token is sent to it, here it i...

AI score: 6.9
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 10 views

Inefficient handling when the Prime contract is unfunded during interest claims

Lines of code Vulnerability details Impact Loss of funds. Transferring of wrong user amount interests. This issue also might leave the PrimeLiquidityProvider with a depleted balance, making it unable to fulfill other potential interest payouts. Additionally, if the PrimeLiquidityProvider doesn't...

AI score: 7.1
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 5 views

anyone with valid token address can create DOS for accrueInterest() in prime.sol

Lines of code Vulnerability details Impact anyone or attacker with valid token address can create DOS (denial of service) for accrueInterest and functions using accrueInterest in prime.sol Proof of Concept a function accrueTokens in PrimeLiquidityProvider.sol has visibility public, it means anyone can...

AI score: 7
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 9 views

Potential Gas Limit Issue with Bulk Score Updates

Lines of code Vulnerability details The updateScores function, which updates scores for multiple users, uses a nested loop structure. This can lead to a situation where if the users array is large and each user has many markets to update, the function could run out of gas. Impact If the function...

AI score: 7
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 5 views

The prime Initializer function in prime.sol is marked “virtual”

Lines of code Vulnerability details Impact The prime initializer is responsible for setting the state variables in the prime.sol contract. The deal breaker here is; Use of virtual - If the function in the parent contract is expected to be overridden in its child contracts, it should be declared a...

AI score: 7.1
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 7 views

accrueTokens() function could revert due to potential underflow

Lines of code Vulnerability details Impact Medium, as any underflow would cause the accrueTokens function to revert, preventing tokens from being accrued, which disrupts the rewards distribution mechanism. Proof of Concept The accrueTokens function is designed to update the distribution state by...

AI score: 7.1
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 15 views

accrueTokens will revert if any rebase tokens are used

Lines of code Vulnerability details Impact In PrimeLiquidityProvider.sol:accrueTokens we get the current balance of the passed token. If the token is any rebase token AMPL, stETH, RMPL and the current balance has become lower than tokenAmountAccruedtoken, the function will revert. This will lead ...

AI score: 6.7
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 6 views

Lack of Input Validation

Lines of code Vulnerability details Impact Neither function appears to validate the length of the users array, which opens the door for misuse or unexpected behavior. Proof of Concept A user can pass an empty array or an exceedingly large array to disrupt expected behavior. Tools Used Manual code...

AI score: 7.3
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 6 views

Wrong calculation of APR in certain conditions.

Lines of code Vulnerability details Impact The wrong APR due to the miscalculation of effective distribution speed. Proof of Concept The functions Prime.sol/calculateAPR and Prime.sol/estimateAPR both uses the function calculateUserAPR which uses incomeDistributionYearly function. Now this functi...

AI score: 6.8
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 9 views

Prime.sol: stakedAt value is not deleted when manually issuing an irrevocable token

Lines of code Vulnerability details Impact Protocol specifications state that a user cannot have less than the minimum xvs staked if they are not irrevocable prime token users. In other words, only holders of irrevocables prime tokens can have less than the minimum xvs staked. The problem arises...

AI score: 7
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 11 views

Loss of interests due to loss of precision

Lines of code Vulnerability details Impact Users can lose accrued interest due to loss of precision during calculation. It is possible that the interestsvTokenuser.rewardIndex is changed and the interestsvTokenuser.accrued is never increased. Proof of Concept The interestsvTokenuser.rewardIndex a...

AI score: 7
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 7 views

Irrevocable token can be downgrade to be revocable

Lines of code Vulnerability details Impact Code Invariant Irrevocable token cannot be downgrade to be revocable can be break leading to loss of user accrued rewards. Proof of Concept In this message one of the contest sponsors says: "irrevocable token cannot be downgrade to be revocable" To...

AI score: 7.2
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 5 views

pendingScoreUpdates counts may be corrupted

Lines of code Vulnerability details Vulnerability details Prime.pendingScoreUpdates is used to record the number of users whose score needs to be recalculated when addMarket , updateAlpha , updateMultipliers occurs. Record pendingScoreUpdates=totalIrrevocable + totalRevocable when the above metho...

AI score: 7
Exploits: 0
Code423n4
added 2023/10/04 12:0 a.m., 8 views

Prime.sol - User can claim Prime token without having any staked XVS, because his stakedAt isn't reset whenever he is issued an irrevocable token.

Lines of code Vulnerability details Impact Whenever a new Prime token is created, the users stakedAt is reset to 0. This happens when the user claim a revocable token and when he is issue a revocable token, but it does not happen when a user is issue an irrevocable token. This is issue function...

AI score: 6.9
Exploits: 0
Code423n4
added 2023/09/27 12:0 a.m., 10 views

M-05 MitigationConfirmed

Lines of code Vulnerability details In the previous implementation when stakingContract.totalAllocPoint = 0 stakingContract.withdraw and stakingContract.deposit will div 0 , revert This results in StargateRewardableWrapper no longer being able to execute StargateRewardableWrapper.withdraw The...

AI score: 7.2
Exploits: 0
Code423n4
added 2023/09/27 12:0 a.m., 5 views

Incorrect AfEth.price() calculation

Lines of code Vulnerability details Impact AfEth.price may be calculated as too low. Proof of Concept AfEth.requestWithdraw does not burn the afEth but only transfers it to itself. Hence the withdrawRatio is calculated using only the free supply of afEth: AfEth.solL180-L185 // ratio of afEth bein...

AI score: 7
Exploits: 0
Code423n4
added 2023/09/27 12:0 a.m., 12 views

Inflation attack in VotiumStrategy

Lines of code Vulnerability details Summary The VotiumStrategy contract is susceptible to the Inflation Attack, in which the first depositor can be front-runned by an attacker to steal their deposit. Impact Both AfEth and VotiumStrategy acts as vaults: accounts deposit some tokens and get back...

AI score: 7
Exploits: 0
Code423n4
added 2023/09/27 12:0 a.m., 9 views

cvxPerVotium() calculation will return zero if all CVX tokens are pending withdrawal as obligations

Lines of code Vulnerability details Summary The implementation of cvxPerVotium contains an edge case that causes it to return an invalid zero value price. Impact The cvxPerVotium function present in the VotingStrategy contract is used to measure the number of held CVX tokens per vAfEth. 144:...

AI score: 7
Exploits: 0
Code423n4
added 2023/09/27 12:0 a.m., 7 views

Withdrawals will be permanently DOSed if VLCVX's owner decides to shutdown the contract

Lines of code Vulnerability details Bug Description In VotiumStrategy.sol, the relock function is used to withdraw all unlockable CVX and then lock an appropriate amount of CVX again. It does so by calling lock of the VLCVX contract: VotiumStrategy.solL145-L148 if cvxAmountToRelock 0...

AI score: 7
Exploits: 0
Code423n4
added 2023/09/27 12:0 a.m., 13 views

The current vlCVX balance is not freezed, when withdrawal has been requested

Lines of code Vulnerability details Vulnerability Details After some deposits/withdrawals being made by users, the following edge case might occur: Let's say, n = totalLockedBalancePlusUnlockable, before iterating over the lockedBalances. t1 = lockedBalance0.unlockTime t2 =...

AI score: 6.9
Exploits: 0
Code423n4
added 2023/09/27 12:0 a.m., 10 views

Swap functionality to sell rewards is too permissive and could cause accidental or intentional loss of value

Lines of code Vulnerability details Summary While the intention is to use the 0x protocol to sell rewards, the implementation doesn't provide any basic guarantee this will correctly happen and grants the rewarder arbitrary control over the tokens held by the strategy. Impact Rewards earned in the...

AI score: 7.6
Exploits: 0
Total number of security vulnerabilities: 10190