10190 matches found
Unchecked token transfer
Lines of code Vulnerability details Impact Unchecked token transfer Proof of Concept Since the contract will work with many different ERC721 tokens, and not all of them are based, for instance, on the OZ ERC721 token contract. And some tokens can return False instead of reverting a transaction in...
Use of tx.origin breaks interoperability with AA wallets.
Lines of code Vulnerability details In OptionPositionMananger, several functions like close and sellOptions, need to call PMWithdraw, which calls PMTransfer. Then it is checked that tx.origin != user. However, smart contract wallet cannot be tx.origin, which means AA wallets will not be able to...
The validateCreateOrderHash function is vulnerable to an incorrect token type being provided by the caller
Lines of code Vulnerability details Impact Invalid token types could be used with encoded order info, breaking expectations of the contract. An attacker could create an order hash using different parameters than what is actually encoded in the orderInfo. This could potentially allow the attacker ...
The code uses assembly for memory allocation, which can be complex and prone to errors.
Lines of code Vulnerability details Impact The code uses assembly for memory allocation, which can be complex and prone to errors. Inefficient memory management can lead to gas inefficiency and potential vulnerabilities. Proof of Concept The code uses assembly for memory allocation, which can be...
Fee on transfer tokens will cause users to lose funds
Lines of code Vulnerability details Impact Some ERC20 tokens allow for charging a fee any time transfer or transferFrom is called. If a contract does not allow for amounts to change after transfers, subsequent transfer operations based on the original amount will revert due to the contract having...
M-08 Unmitigated
Lines of code Vulnerability details Comments The success of low-level calls is not checked in V3Proxy. If msg.sender is a contract and the fallback function has additional logic, the protocol will succeed transfer by default, which will result in the loss of user funds. Mitigation There is no...
H-01 Unmitigated
Lines of code Vulnerability details test test
Potential Out-of-Bounds Error When Modifying Ranges
Lines of code Vulnerability details The method allows for the modification of a range based on an index. However, there's no explicit check to ensure that the provided indexToModify is within the bounds of the ranges array. If an out-of-bounds index is provided, the method will throw a generic...
Incorrect calculation of totalSupply(), balanceOf() in rUSDY.sol if the rate is unlinked from $1
Lines of code Vulnerability details Impact In rUSDY.sol, the functions totalSupply, balanceOf are calculated. totalSupply : function totalSupply public view returns uint256 return totalShares oracle.getPrice / 1e18 BPSDENOMINATOR; balanceOf : function balanceOfaddress account public view returns...
In DestinationBridge:rescueTokens function the owner can steal user tokens
Lines of code Vulnerability details Summary In the rescueToken function, it opens the door to potential insecurity for user funds because it lacks additional conditions specifying which types of tokens or under what conditions the onlyOwner can use this function. The function looks like: / @notic...
Stealing extra mint fund by applying reentrancy attack on _execute with calling approve() again due to external call before crucial state update
Lines of code Vulnerability details Impact By applying reentrancy attack involving the function mintIfThresholdMet, an user can steal extra amount of mint fund. Proof of Concept The functions mintIfThresholdMet make external mint call prior to updating the txnHashToTransaction state. If the real...
The user will receive more/less funds when calling unwrap() if the price of USDY falls/rises than expected
Lines of code Vulnerability details Impact There is a wrap function called by users to wrap their USDY tokens. In the future, to withdraw tokens, the user calls the unwrap function. However, in the unwrap function, the user can have more funds in case the price of USDY falls. Based on the case...
Wrong calculation of elapsed days
Lines of code Vulnerability details Impact For a certain period of time, the dailyIr is compounded every day. However, when calculating prevClosePrice, the last day's addition is missed. The formula for calculating the current price is as follows: Range.dailyInterestRate Days Elapsed + 1...
UniswapV3 trading fees are always locked in treasury instead of going back to the protocol users through GeVault
Lines of code Vulnerability details TokenisableRange was redesigned to redirect collected fees to a pre-defined GeVault, where the protocol stakers can benefit from the added value. However, the use of an incorrect variable makes this distribution of the fees impossible to happen, and the fees wi...
Lack of Post-Allowance Verification Before Token Minting
Lines of code Vulnerability details The code checks if the user txn.sender is allowed via the ALLOWLIST. If not, it sets the user's status to "allowed". However, after this step, there's no subsequent verification to ensure the user has indeed been added to the ALLOWLIST before minting tokens to...
Cross-chain smart contract call can revert and burned tokens in source chain can't be recovered
Lines of code Vulnerability details Summary AXELARGATEWAY.callContract doesn't revert on failure in destination chain, execute function can revert for various reasons such as not passing require statements, or low gas so tokens remained burned in source chain and can't be recovered. Impact Loss ...
Lack of an option in DestinationBridge.sol to cancel a transaction can lead to unwanted transactions
Lines of code Vulnerability details Impact DestinationBridge.sol is for handling calls from Axelar Gateway and must be deployed in the destination chain. DestinationBridge.sol requires that the address from which Axelar messages are sent must be registered in the recipient's contract. Once a...
Lack of Oracle Price Validation in rUSDY
Lines of code Vulnerability details Summary Ondo's custom oracle, RWADynamicOracle, is responsible for delivering the price of USDY to the rUSDY token contract. The oracle is called in four different functions for the price of USDY; the results of which are also used in core functions in the toke...
Potential Price Slippage Due to Gaps in Consecutive Ranges
Lines of code Vulnerability details The method allows appending new Range instances without restrictions on the gap between the end of the last range and the start of the new one. Significant gaps between these ranges can result in considerable price slippages, introducing volatility in price...
The rUSDY.transferFrom function can cause reentrancy if a contract has been approved
Lines of code Vulnerability details Impact The rUSDY.transferFrom function can cause reentrancy if a contract has been approved, the function looks like: function transferFrom address sender, address recipient, uint256 amount public returns bool uint256 currentAllowance = allowancessendermsg.sende...
No removal mechanism from blocklist, allowlist and sanctionsList
Lines of code Vulnerability details Impact rUSDY.sol has setBlocklist sets the blocklist address, setAllowlist sets the allowlist address, and setSanctionsList sets the sanctions list address functions: However, the mechanism for removing addresses from arrays is not implemented anywhere. Even in...
Token Loss on Failed Destination Chain Call
Lines of code Vulnerability details Impact The burnAndCallAxelar function allows users to burn tokens from their account with the intention of executing a cross-chain call. However, the tokens are burned before the cross-chain call is attempted. If the cross-chain call fails on the destination...
User will lose his funds forever if thresholds are not met.
Lines of code Vulnerability details Impact mintIfThresholdMet function is called from execute function while executing a bridging transaction. This function checks if thresholds are met and only mints token in the destination chain to the user if thresholds are met properly. However, the probl...
Reorgs could revert the setRange function and lead to a long lasting stale price of USDY
Lines of code Vulnerability details Summary Reorgs could revert the setRange function and therefore lead to stale prices for a long time depending on the off chain protection, against it Vulnerability Details Here is the setRange function of the USDY price oracle: function setRange uint256...
Maybe you get the same txnHash for different transactions in DestinationBridge._execute()
Lines of code Vulnerability details Impact DestinationBridge.execute is a function that is executed when contract is called by Axelar Gateway -L114. The function calculates bytes32 txnHash = keccak256payload. txnHash is calculated based on payload. However, srcChain is not taken into account in...
Precision Error in getPrice due to Omission of Last Day's Interest
Lines of code Vulnerability details The code attempts to calculate the price based on the interest from the previous day by using range.end - 1. However, if the last day represented by range.end has fully passed, the interest for this day is never taken into account. Over time, these slight...
Critical Reentrancy Vulnerability in _mintIfThresholdMet Function
Lines of code Vulnerability details Impact The mintIfThresholdMet function contains a severe reentrancy vulnerability that can be exploited by malicious contracts. When the TOKEN.mint function is called and tokens are minted for txn.sender, the txn.amount is subsequently set to 0 by deleting...
In case of accrual of additional income for holding rUSDY tokens, the protocol is subject to a flashloan attack
Lines of code Vulnerability details Impact rUSDY is the rebasing variant of USDY token, and is heavily based on other rebasing tokens such as stETH. Users are able to acquire rUSDY tokens by calling the wrap(uint256) function on the contract. Whereas the price of a single USDY token varies over...
The USDT.sol contract does not accrue additional income in the form of rUSDY tokens
Lines of code Vulnerability details Impact rUSDY is the rebasing variant of USDY token, and is heavily based on other rebasing tokens such as stETH. Users are able to acquire rUSDY tokens by calling the wrap(uint256) function on the contract. Whereas the price of a single USDY token varies over...
Wrong tick selected by GeVault.getActiveTickIndex()
Lines of code Vulnerability details During mitigation of M-03, the function getActiveTickIndex has been completely rewritten. The new logic uses the following statement to identify the active ticker that represents the Uniswap V3 liquidity pool actively traded: if baseTokenIsToken0 && amt0 == 0 |...
Price Manipulation Through Vulnerability in simulateRange Function
Lines of code Vulnerability details Impact The simulateRange function, although designed for simulation and testing purposes, could potentially be exploited in a sandwich attack scenario. A malicious actor could front-run a user's transaction by using a flash loan to manipulate the price,...
Users can lose their USDY tokens in the Source Chain if something fails during the crosschain communication because there is not a validation mechanism to confirm that tokens were minted in the Destination Chain
Lines of code Vulnerability details Impact Users can lose their USDY tokens that were burnt in the Source Chain when bridging to another chain. Proof of Concept The bridging implementation solely relies and assumes that all messages sent to the Axelar Network will be validated and won't have any...
lack of address(0) check for oracle address
Lines of code Vulnerability details Impact no oracle no updated prices. Not sure what happens if try to call getPrice in this scenario, but IF it returns price of zero, then number of tokens from getRUSDYByShares will be zero for any amount of USDY shares... Proof of Concept Tools Used Recommende...
Users will not receive on Token on Destination chain because the internal _executeWithToken(...) function is not implemented.
Lines of code Vulnerability details Impact Loss of tokens on the Destination chain. Proof of Concept The DestinationBridge.sol contract inherits AxelarExecutable.sol which has the executeWithToken... that's called at the end of executeWithToken... function. The executeWithToken... is not...
Absence of Start-End Time Validation in Range Creation
Lines of code Vulnerability details The code allows the creation of a Range structure without ensuring that startTime is strictly less than endTime. The absence of this validation might lead to unintended behavior or logical errors in functionalities that rely on the order of these timestamps...
Token recipient is an inaccessible address for contracts
Lines of code Vulnerability details Impact The msg.sender address from the SourceBridge.burnAndCallAxelar function is used by the DestinationBridge.mintIfThresholdMet function as the TOKEN recipient. However, the msg.sender address will not be controllable by contracts on L2, so any tokens will b...
Funds will be lost in case the block reorg occurs on the chain of sending bridge
Lines of code Vulnerability details Impact Funds will be lost in case the block reorg occurs on the chain of sending bridge Proof of Concept Consider the following scenario on sending chain: In block 1: Alice sends the 1000 tokens to the destination bridge and the nonce for it is set to 10 In blo...
Insufficient Gas Fee Estimation Leading to Incomplete Transactions
Lines of code Vulnerability details The contract allows a user to send Ether, presumably for transaction fees or gas. However, there is no mechanism in place to verify that the msg.value is sufficient to cover the actual gas cost for contract execution. Consequently, a scenario could arise where...
Tokens transferred with bridge can get lost if destination transaction can’t be executed
Lines of code Vulnerability details Impact User could lose his tokens, if tx on destination chain will fail/revert. There is no option to recover the tokens on source chain. Revert could be caused by function attachThreshold. This function finds the correspondence between the amount and threshhold...
Incorrect initialization of rUSDY.sol
Lines of code Vulnerability details Impact rUSDY.sol contract inherits PausableUpgradeable contract but does not invoke its initializers during its own initialization. Due to which the state of PausableUpgradeable contract remains uninitialized. File: contracts/usdy/rUSDY.sol contract rUSDY is...
Owner cannot rescueToken if blocklisted.
Lines of code Vulnerability details Impact Token could be stuck if owner is blocklisted by the token. Proof of Concept rescueToken can be used to rescue token sent to the contracts. function rescueTokensaddress token external onlyOwner uint256 balance = IRWALiketoken.balanceOfaddressthis;...
Missing Slippage Protection in unwrap function
Lines of code Vulnerability details Summary The unwrap function swaps rUSDY to USDY and calls the oracle during these process to get the current USDY price. There is no slippage protection implemented, which can lead to loss of funds. Vulnerability Details Unexpected changes between the call to t...
Risk of Token Get Stuck in burnAndCallAxelar Function due to Use of Same Chain ID
Lines of code Vulnerability details Impact The burnAndCallAxelar function within the contract presents a potential risk where tokens can become stuck if the same chain ID is used for both the source and destination chains. In this scenario, tokens are burned from the user's account, and a...
A user with the BURNER_ROLE role should be able to burn rUSDY tokens from the balance of a blocked address
Lines of code Vulnerability details Impact There are functions for blocking users: setBlocklist - setAllowlist - setSanctionsList - Suppose the user has rUSDY tokens. Then it was added to the blocklist. His tokens will then be blocked. There is a burn function where you can burn rUSDY tokens from...
Discrepancy in Token Allowance After Rebase Events
Lines of code Vulnerability details The function returns the number of tokens that spender is allowed to spend on behalf of owner. However, in the context of tokens with rebase mechanisms, the owner's balance can dynamically change without explicit transactions. The described behavior might lead ...
In the event of a fall in the price of USDY, the withdrawal of funds for the user may be blocked
Lines of code Vulnerability details Impact There is a wrap function called by users to wrap their USDY tokens. In the future, to withdraw tokens, the user calls the unwrap function. However, in the unwrap function, the user can have more funds in case the price of USDY falls. Based on the case...
Low level calls to accounts with no code will succeed in multiexcall function
Lines of code Vulnerability details Impact Low level calls behave differently than function calls in Solidity. Calls at the EVM level to accounts with no code are successful, this is the expected and normal behavior. It is Solidity that adds checks to prevent accidental calls to accounts with no...
Every user's rUSDY balance can be changed suddenly by updating RWADynamicOracle.ranges before block.timestamp
Lines of code Vulnerability details Impact RWADynamicOracle.overrideRange and setRange can change the USDY price in rUSDY and the rUSDY balance in a tx. 1. Users cannot believe the rUSDY balance because ranges can be updated by an admin at any time. 2. When USDY price in rUSDY changes in a tx, a...
No zero address check on constructor parameters in contracts
Lines of code Vulnerability details Impact Detailed description of the impact of this finding There is no address0 check in the constructor of the following contracts; 1. Sourcesbridge.sol 2. rSUDY.sol 3. Destination ridge.sol 4. rSUDYFactory.sol Lack of addr0 check can lead to loss of important...
New from fees rework: fees can still be stolen with a flash-loan on GeVault
Lines of code Vulnerability details The TokenisableRange fees have been reworked to be sent to the corresponding GeVault instance This fixed the problems with fee accounting in TokenisableRange but created a new, similar one in GeVault, where the deposit function does not count the fees in the...