Inactive Orchestrators and delegators's vote still counts towards as effective when calculating the quota and quorum

Lines of code Vulnerability details Impact Inactive Orchestrators and delegators's vote still counts towards as effective when calculating the quota and quorum Proof of Concept According to the documentation, one of the priorty is to ensure the code implementation matches the LIP specification...

underflow can happens after delegator vote and block vote counting

Lines of code Vulnerability details Impact underflow can happens after delegator vote and block vote counting Proof of Concept In the current implementation, when a voting, the function countVote is triggered, this function is overriden in the function GovernorCountingOverridable.sol weight =...

Malicious user can prevent the creation of a proposal

Lines of code Vulnerability details Vulnerability Detail The LivepeerGovernor inherits OpenZeppelin's GovernorUpgradeable contract. The GovernorUpgradeable utilizes the hashProposal function to generate a unique hash when creating a new proposal. The hash depends solely on input parameters:...

_weight - voter.deductions can revert in underflow when counting the vote

Lines of code Vulnerability details Impact weight - voter.deductions can revert in underflow when counting the vote Proof of Concept In the current implementation, when a voting, the function countVote is triggered, this function is overriden in the function GovernorCountingOverridable.sol weight...

The function does not restrict who can call it beyond the check for the delegator's status

Lines of code Vulnerability details Impact Access Control: The function does not restrict who can call it beyond the check for the delegator's status i.e., it must be Bonded. If there are additional constraints on who should be able to call this function e.g., only the original delegator, those...

Lack of Checks for 'msg.sender': The function checks whether msg.sender is _owner or l2Migrator() but doesn't specify who should normally be calling this function.

Lines of code Vulnerability details Impact In the bondForWithHint function, there is a segment of code that checks if msg.sender is owner or l2Migrator, but the function does not explicitly state which role or account should be the normal caller. This could be a potential security issue, as faili...

Lack of Input Validation and Error Handling

Lines of code Vulnerability details Impact In the slashTranscoder function, the parameters slashAmount and finderFee are directly used for computation without any validity checks. This design overlooks several key issues: There's no check to see if slashAmount or finderFee are within logical...

When user unbonds before transcoder calls reward, then cumulativeRewardFactor for the round is less than it should be

Lines of code Vulnerability details Impact When user unbonds before transcoder calls reward, then cumulativeRewardFactor for the round is less than it should be. As result other delegators loose rewards. Proof of Concept Each round transcoder can call reward function in order to claim reward toke...

on hitting ceiling, the Bonds Manager re configures to stop collecting treasure cut, but does not have inverse logic

Lines of code Vulnerability details Impact The bonds manager configures itself to stop collecting treasury reward cut, if the balance in treasury is above the configured ceiling. But, the resetting of is managed by the admin account manually. The execution of proposals is based on funds in...

Incorrect price precision in RdpxV2Core

Lines of code Vulnerability details Impact The core contract expects the price oracle to return 1e8 precision, but its actually 1e18. This will cause heavily incorrect results from all usages of the price. Proof of Concept The RdpxV2Core.getRdpxPrice function is meant to return 1e8 precision:...

The utilization of strict equality within the subtractLoss function is susceptible to straightforward manipulation by a potential attacker.

Lines of code Vulnerability details Impact If this equality condition is intentionally disrupted, it will result in the failure of all settlement processes carried out using the settle function. Proof of Concept Tools Used Manual review Recommended Mitigation Steps - collateral.balanceOfaddressth...

Any call to settle a bond can be reverted by donating 1 WEI to the VaultLP contract

Lines of code Vulnerability details Impact Any settle call can be reverted, thus disallowing the protocol from settling any options and from releasing the locked tokens. Proof of Concept The protocol admin calls settle on an option when its price gets bellow the strike price, at which the option ...

RDPX price manipulation benefit for attacker via a Flashloan attack

Lines of code Vulnerability details Impact As the RdpxV2Core contract burns RDPX tokens, a malicious attacker can benefit from a price manipulation attack using a flashloan attack Proof of Concept The function bond in the RdpxV2Core contract is a primary function to enter the protocol and bond...

ERC721 tokens are blocked in rdpxV2Core contract

Lines of code Vulnerability details The admin has the right to recover an ERC721 token in the UniV3LiquidityAMO contract. He needs to call recoverERC721 and provide the tokenAddress and tokenid values, where the token with tokenid will be transferred to the rdpxV2Core contract...

Options could not be settled, causing liquidity get locked in vault

Lines of code Vulnerability details Impact In settle logics, RdpxV2Core contract calls to PerpetualAtlanticVault.settle to update funding, burn option tokens and do some token settles. However, the logic could be reverted in the call...

Users can redeem rDpx they haven't deposited

Lines of code Vulnerability details Impact This can lead to loss of funds for the protocol Proof of Concept In the redeem function of PerpetualAtlanticVaultLP, rdpx amount to send to the user is calculated in addition to the Weth and there is no check for if the user actually owns the rdpx. asset...

Calculating slippage from price oracle is not accurate

Lines of code Vulnerability details Impact calculating slippage using oracle prices will lead to inaccurate slippage values , due to this swaps will fail or execute with higher slippage. Proof of Concept In curveSwap function of RdpxV2Core contract slippage is being calculated using oracles price...

Flashloan/Sandwich Attacks on UpdateFunding()

Lines of code Vulnerability details Impact The attacker can launch a sandwich/flashloan attack on the updateFunding function to gain most of the reward. Proof of Concept 1. The attacker observed that some reward is going to be distributed via updateFunding function. 2. The attacker borrowed...

Potential insolvency risk in dpxETH stablecoin system due to absence of liquidation mechanism

Lines of code Vulnerability details Impact The dpxETH stablecoin system, as implemented, relies on user deposits as collateral when the stablecoin is minted through bond purchasing. When the bonding process is done, the protocol mints a corresponding amount of Receipt tokens to the user that he c...

Swap Slippage Check Missing Location: reLP function

Lines of code Vulnerability details Impact If the swap doesn't meet the slippage tolerance, the function will still continue executing. This could lead to the contract holding less tokenA than expected, which could affect the subsequent addLiquidity call and the final balances of the AMO and...

Missed approving to UniswapV2Router

Lines of code Vulnerability details Impact The contract should have already granted an allowance of at least minamountOfWeth for the input token. This step is missing during the UniswapV2Router call within the lowerDepeg function. // @audit msg.sender should have already given the router an...

Lack of minAmount when adding liquidity into Uniswap V2 can lead to the LP getting MEVd

Lines of code Vulnerability details Impact The amount being LPd into Uniswap can get stolen trough MEV. Proof of Concept The reLP contract re-LPs a certain amount of the tokens, that enter after a bond gets bought. The issue arises due to there not being proper minimum liquidity amounts passed wh...

If funding duration is update after few epoch, it will completely brick the perPetualAtlanticVault.sol

Lines of code Vulnerability details Impact perpetualAtlanticVault.sol functionality is dependent upon the funding duration which can be changed by the admin and can lead to bricking the whole calculations in the perpetualAtlanticVault.sol Proof of Concept Initially funding duration is set to seve...

A difference in the rDPX price between the oracle and DEXs used for trading can cause more slippage than expected

Lines of code Vulnerability details Impact The protocol will experience much higher slippage than supposed to due to using the wrong price in calculating the amount after slippage. Proof of Concept The protocol executes swaps on Uniswap and Curve. The issue arises due to the protocol using its ow...

Zero Redemption Amount in RdpxDecayingBonds Contract

Lines of code Vulnerability details Impact The redeem function, as described, checks whether the assets to be redeemed assets are not zero. This check is in place to ensure that a user isn't redeeming a non-zero amount of rdpxAmount tokens in exchange for zero assets. Such a check is essential to...

Incorrect slippage calculation in _curveswap function

Lines of code Vulnerability details Impact swaps will fail or execute with higher slippage than intended. Proof of Concept In curveSwap function of RdpxV2Core contract , getEthPrice should be used in place of getDpxEthPrice, and getDpxEthPrice should be used in place of getEthPrice. / @notice...

Overwriting rdpxAmount Without Checks

Lines of code Vulnerability details Impact The decreaseAmount function, specifically the line bondsbondId.rdpxAmount = amount;. This vulnerability allows overwriting the rdpxAmount without any checks or backups, which can result in irreversible data loss. function decreaseAmount uint256 bondId,...

Regular bonding incorrectly purchases a reduced amount of Put options due to discount

Lines of code Vulnerability details During rDPX bonding, rdpxV2Core will purchase put options for the rDPX that are used for minting DPXETH. This is for hedging against rDPX price drop to protect the DPXETH peg. The amount of put options to purchase is equivalent to the amount of rDPX that are us...

DOS the system by frontrunning the initialize function

Lines of code Vulnerability details Impact LivepeerGovernor and Treasury are vulnerable to DOS. Proof of Concept The initialize function present in these two contracts is not called just after their construction. Which is confirmed in the contract LivepeerGovernorUpgradeMock.sol while initializin...

Attacker can DOS the ability of the protocol to exercise their options

Lines of code Vulnerability details Impact When an option is ITM, the admin can call the settle function of the RdpxV2Core contract, which will call the settle function of the PerpetualAtlanticVault contract. This function checks that the WETH balance of the PerpetualAtlanticVaultLP contract is...

Bonding WETH discounts can drain WETH reserves of RdpxV2Core contract to zero

Lines of code Vulnerability details Impact Depending on the reserves of rDPX, bonding discounts are given both on the rDPX and WETH collateral requirements for minting dpxETH. The bonding discounts for both rDPX and WETH portions are provided as rDPX which is taken from the treasury. The issue wi...

[M-02] BondingVotes.getPastVotes(): User can easily manipulate voting power for round

Lines of code Vulnerability details Impact User can take a collaterized loan of LPT and bond for a single round to gain voting power for a single round and vote on proposals. This is because when voting, only the single round is checked when retrieving the voting power via...

EIP-2938 Breaks Whitelist Logic

Lines of code Vulnerability details Impact Unauthorized contracts can bypass whitelistedContractsmsg.sender due to EIP-2938. Proof of Concept In the function isEligibleSender it checks if msg.sender != tx.origin... but when EIP-2938 a.k.a Account Abstraction is fully implemented it will be possib...

Malicious users can manipulate the withdrawRound to withdraw their stake before the unbonding period is over.

Lines of code Vulnerability details Impact Disruption the normal bonding incentives and mechanisms in the protocol. Validators or transcoders could withdrew unexpectedly, preventing governance responses to bonded token changes. Proof of Concept The withdrawStake function first checks if the...

Deployment issues with chains not compatible with Shanghai hardfork

Lines of code Vulnerability details Impact Besides issues with deployment &maintenance contracts; A Big Issues is quoted below from an audit finding... "This could also become a problem if different versions of Solidity are used to compile contracts for different chains. The differences in byteco...

Potential Over-redemption Vulnerability in redeem Function

Lines of code Vulnerability details Impact In the redeem function, when a third party is using their allowance to redeem shares on behalf of an owner, there exists a potential scenario where the third party could redeem more than originally intended by the owner. Proof of Concept This is how the...

[H-01] GovernorCountingOverridable.castVoteBySig()/castVoteWithReasonAndParamsBySig(): Possible signature replay attacks to influence proposal execution

Lines of code Vulnerability details Impact In the GovernorCountingOverridable.sol inherited by LivePeerGovernor.sol, users can provide a signature to allow someone else to vote on their behalf using the castVoteBySig/castVoteWithReasonAndParamsBySig function since this functions are not overriden...

DOS in governance when voting after delegate

Lines of code Vulnerability details Impact The GovernorCountingOverridable::handleVoteOverrides function substracts the delegator vote weight from the total votes when the delegatee has already submited a vote. However, if the delegator's vote is greater than the current total vote the substracti...

Increasing Stake records the delegated amount for delegator, but does not update the earningsPool stake for transcoder resulting in loss of rewards

Lines of code Vulnerability details Impact IncreaseTotalStakeUncheckedPoint function updates the delegated amount, but could may not update the staked amount for the transcoder. This will impact the rewards calculation for transcoder and delegators. Proof of Concept When the TotalStake is...

Vulnerability in the increaseTotalStake() call happening before deleting the lock in the processRebond() function.

Lines of code Vulnerability details Impact This can allow double claiming of stake if the user tries to rebond again with the same lock ID. Proof of Concept The main points: • del.bondedAmount is increased before the lock is deleted • increaseTotalStake is called after deleting the lock If...

The bond manager contract does not properly zero out the transcoder's cumulative rewards/fees between rounds.

Lines of code Vulnerability details Impact transcoder's cumulative rewards and fees can continue accumulating from previous rounds, instead of resetting each round. This means a transcoder could claim portion of rewards/fees that it should not be entitled to. Proof of Concept This only resets the...

PerpetualAtlanticVaultLP incentives can be stolen via flash loan

Lines of code Vulnerability details Impact The liquidity pooled from the PerpetualAtlanticVaultLP is used by the core contract. This liquidity is provided by anyone, and after each epoch 1 week an incentive is paid after to further incentivise liquidity provision. However, the funds can be stolen...

arbitrum block.number refers to L1 block number, not L2 block number when determining the round

Lines of code Vulnerability details Impact arbitrum block.number refers to L1 block number, not L2 block number Proof of Concept In the current implementation, the round manager use block.number to determine the round However, according to the block.number in arbitrum refers to ethereum mainnet...

You can front-run to enrich yourself

Lines of code Vulnerability details Impact An attacker can use flash loan and withdraw significant part of funding intended for collateral providers. Proof of Concept Let's consider code snippet from deposit: requireshares = previewDepositassets != 0, "ZEROSHARES";...

In BondingVotes.sol, clock() will not work properly for Arbitrum due to use of block.number

Lines of code Vulnerability details Impact In BondingVotes.sol, clock is set to match the current round and clock has been extensively used in onlyPastRounds, getVotes, delegates, checkpointBondingState, checkpointTotalActiveStake, getTotalActiveStakeAt, getBondingCheckpointAt and it is given as...

Attacker can steal funding yield from the PerpetualAtlanticVaultLP contract atomically

Lines of code Vulnerability details Impact An attacker is able to atomically steal large amounts of the funding yield from the PerpetualAtlanticVaultLP contract. This is due to the fact that the deposit function of the PerpetualAtlanticVaultLP contract will first issue the attacker shares based o...

DoS sending WETH from RdpxV2Core to PerpetualAtlanticVault via provideFunding()

Lines of code Vulnerability details Impact The amount of reserveAssetreservesIndex"WETH".tokenBalance can be set to 0, by first calling addToDelegate with the current value of reserveAssetreservesIndex"WETH".tokenBalance, then calling withdraw to withdraw all the deposited weth and then calling...

.The _newPosPrev/_newPosNext hints do not fully prevent invalid ordering when decreasing a delegate's stake.

Lines of code Vulnerability details Impact The contract could incorrectly deactivate or reward transcoders based on the invalid pool order. Proof of Concept When decreasing a delegate's stake with decreaseTotalStake, the contract calls transcoderPool.updateKey to update the delegate's position in...

Slashed transcoder can gain more voting power than it should if all of his bondedAmount would be slashed

Lines of code Vulnerability details Impact Slashed transcoders can still become active transcorders by bonding an amount again to increase the total stake, which can inflate the actual delegatedAmount, giving those transcorders more power voting power than it should. Proof of Concept Every time...

Inaccurate Bonded Amount Event Emission

Lines of code Vulnerability details Impact in here : if previous.bondedAmount != current.bondedAmount emit DelegatorBondedAmountChangedaccount, previous.bondedAmount, current.bondedAmount; the function checks if the previous.bondedAmount is not equal to current.bondedAmount before emitting the...