Initialization Issue in EarningsPoolL

Lines of code Vulnerability details Impact the vulnerable part in code : uint256 prevCumulativeRewardFactor = prevEarningsPool.cumulativeRewardFactor != 0 ? prevEarningsPool.cumulativeRewardFactor : PreciseMathUtils.percPoints1, 1; earningsPool.cumulativeRewardFactor =...

ERRORNEOUS RETURN VALUE PROVIDED BY THE UniV2LiquidityAmo.getLpTokenBalanceInWeth FUNCTION DUE TO PRECISION ERROR

Lines of code Vulnerability details Impact The UniV2LiquidityAmo.getLpTokenBalanceInWeth function is used to return the LP token balance of the contract in weth. It calls the getLpPrice function which is expected to return the LP price in 1e8 precision. getLpPrice function calls the...

Bond Redemption is lower than intended

Lines of code Vulnerability details Impact Bonds redemption does not correspond to protocol intention leading to lesser ETH redeemed Proof of Concept Once the bond reaches maturity and the user initiates the redemption process by calling "redeem," it's possible for the user to receive a gain that...

the perpetualVaultLP.sol is vulnable by flashloan attack

Lines of code Vulnerability details impact The perpVaultLp contract is susceptible to a flash loan attack. An attacker can exploit the vulnerability by executing flash loan transactions using both the deposit and redeem functions. This allows the attacker to acquire extra rdpx tokens and increase...

Upgraded Q -> 2 from #26 [1693915911684]

Judge has assessed an item in Issue 26 as 2 risk. The relevant finding follows: Curve Read-only Reentrancy can increase the price of some CurveStableCollateral --- The text was updated successfully, but these errors were encountered: All reactions...

Upgraded Q -> 2 from #112 [1693761181150]

Judge has assessed an item in Issue 112 as 2 risk. The relevant finding follows: If a profile gets blocked, the user can refollow by accepting a pre-upgrade followNFT and then using the batchMigrateFollows function. --- The text was updated successfully, but these errors were encountered: All...

swapGivenInputAmount checks the wrong result out

Lines of code Vulnerability details Impact Wrong check amount results in unusable function. Proof of Concept swapGivenInputAmount calcaultes the value of result after calling swap. The check then requires that result 0. However, the comment states that amount cannot be less than 0...

No deadline check when swapping tokens in swapGivenInputAmount() and swapGivenOutputAmount

Lines of code Vulnerability details Impact Missing deadline checks allow pending transactions to be maliciously executed in the future. Without deadline parameters, as a consequence, users can have their operations executed at unexpected times, when the market conditions are unfavorable. Proof of...

AMM's invariant of maximun/minimum slopes is broken

Lines of code Vulnerability details Impact AMM's invariants are broken which might result in stale/unprofitable swaps Proof of Concept the function depositGivenInputAmount is used to preview amount of LP tokens using the function reserveTokenSpecified function reserveTokenSpecified SpecifiedToken...

Condition will not revert when block.timestamp is == to the compared variable

Lines of code Vulnerability details Medium Issues | | Issue | Instances ---|---|--- M-1 | Condition will not revert when block.timestamp is == to the compared variable | 1 M-1 Condition will not revert when block.timestamp is == to the compared variable The condition does not revert when...

Lack of balance checks in the depositGivenInputAmount function

Lines of code Vulnerability details Impact Lack of balance checks in the depositGivenInputAmount function can lead to various unpredictable consequences due to the breach of requirement "The pool's ratio of y to x must be within the interval MINM, MAXM". Proof of Concept The depositGivenInputAmou...

Rounding Issue and Inconsistent Fee Application

Lines of code Vulnerability details Summary There is a bug in the swap function. The bug can potentially cause incorrect balance checks and outputs when swapping. This issue arises due to improper usage of the applyFeeByRounding function. Affected Function: swap Details: In the swap function, the...

Improper handling of cases when total supply = 0

Lines of code Vulnerability details Impact Improper handling of cases when total supply = 0 AMM engine may not be started. Proof of Concept Considering if a vault uses Shell as its AMM engine. At the start, the vault has 0 X and Y balance and someone try to deposit tokens to it, this process will...

Loss of precision due to division occurring before multiplication across multiple statements leads to lesser number of receiving tokens

Lines of code Vulnerability details Impact Swaps and Deposits work with two tokens X and Y. The computed amount of tokens on the receiving end decrease due to this multi-statement loss of precision occurring due to division before multiplication. Note: This finding is different from the L-06 bot...

Upgraded Q -> 2 from #55 [1693255720314]

Judge has assessed an item in Issue 55 as 2 risk. The relevant finding follows: If we take a look at the EIP712 standard it states the following The array values are encoded as the keccak256 hash of the concatenated encodeData of their contents i.e. the encoding of SomeType5 is identical to that ...

Invalid Error Reverts in Some Cases

Lines of code Vulnerability details Description: While reviewing the code, I noticed that there is a potential issue with the error revert conditions in the getPointGivenXandUtility and getPointGivenYandUtility functions. The error handling mechanism in these functions might not be functioning as...

Swap Tokens with Fee Consideration and Balance Checks

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. In the swap function, the discrepancy lies in the usage of the variable specifiedAmount instead of roundedSpecifiedAmount when checking the final balance in the swap function. if specifiedToken ==...

Missing slippage protection in _swap()

Lines of code Vulnerability details Impact Without slippage, If the price of the tokens changes significantly during the swap, it could result in a large slippage, causing users to lose a significant amount of funds. An attacker can watch the mempool and then using flash bots execute a sandwich...

reserve balances AND reserve balance ratio INVARIANTS ARE NOT CHECKED INSIDE THE _reserveTokenSpecified FUNCTION THUS ENABLING deposit AND withdraw TRANSACTIONS TO BREAK THESE INVARIANTS

Lines of code Vulnerability details Impact The EvolvingProteus.depositGivenInputAmount function is used to calculate the output amount of LP tokens given an input amount of reserve tokens. The EvolvingProteus.withdrawGivenOutputAmount function is used to calculate the amount of LP tokens that mus...

Lack of Deadline Protection in Key Functions Poses Potential Exploits

Lines of code Vulnerability details Impact The absence of a deadline parameter in key function calls within the EvolvingProteus contract poses a significant vulnerability. Transactions that stay pending in the mempool due to outdated slippage could be executed at a much later time than initially...

withdrawGivenInputAmount() calls _lpTokenSpecified with the wrong value of feeDirection

Lines of code Vulnerability details Impact withdrawGivenInputAmount calls lpTokenSpecified with the wrong value of feeDirection: function withdrawGivenInputAmount uint256 xBalance, uint256 yBalance, uint256 totalSupply, uint256 burnedAmount, SpecifiedToken...

Accounting for Fixed_Fee and Base_Fee twice leading to less amount or token recieved

Lines of code Vulnerability details Impact There are multiple instances where fees is deducted twice. I will explain this with one function similar logic follows in other functions as well.So whenever the swapGivenInputAmount function is called by the user with inputAmount provided by the user th...

Deposit / Withdraw with reserveTokenSpecified misses important checks

Lines of code Vulnerability details Impact When depositing or withdrawing liquidity and specifying the amount of reserve tokens, the protocol bypasses crucial checks ensuring the amounts locked don't become too small. This oversight allows a malicious actor to remove all but a negligible quantity...

MIN_PRICE_VALUE is incorrect

Lines of code Vulnerability details Impact The MINPRICEVALUE variable is being calculated based on 10^10 instead of the intended 10^12. As a result, the MINPRICEVALUE will be lower than expected with 2 decimal places precision, potentially allowing pxinit and pxfinal to be set lower than the...

Swaps affect LP token mint/burn during liquidity addition/removal

Lines of code Vulnerability details Impact The LP token removal/addition forces a recalculation of the bonding curve, and the utility of the curve. The utility curve in proteus looks like the graph below, where the point A represents a certain composition of the pool. If we try to remove add/remo...

Error of computation break the LpTokens supply, causes users to lose funds and make functions using _getUtilityFinalLp() broken.

Lines of code Vulnerability details Impact withdrawGivenOutputAmount and withdrawGivenInputAmount functions doesn't revert when balance of tokenX/tokenY = 0 and create an offset between reserve tokens and LP total supply. This lead to unwanted behaviors for the next operations on the protocol...

Mint/Burn amount during LP addition/removal changes with time

Lines of code Vulnerability details Impact When a user adds LP to the pool, they get LP tokens which they can later use to redeem their positions. The issue is that since the utility and the curve parameters change with time, so does the value of the LP tokens. Say a user wants to deposit 1 ETH t...

Using incorrect parameter for checking the reserve

Lines of code Vulnerability details Impact At line 549 within the swap function's code, the internal call to the function checkBalances checks the reserve for token x is carried out using xi + specifiedAmount instead of xi + roundedSpecifiedAmount. When using roundedSpecifiedAmount passes the che...

Lack of balance checks in the withdrawGivenOutputAmount function

Lines of code Vulnerability details Impact Lack of balance checks in the withdrawGivenOutputAmount function can lead to various unpredictable consequences due to the breach of requirements "The pool's balances of the x reserve and y reserve tokens must be greater than the MINBALANCE" and "The...

_reserveTokenSpecified does not check if price is in allowed range

Lines of code Vulnerability details Impact Price could go out of range Proof of Concept EvolvingProteus defines a price range using 2 constants, MAXM and MINM: int128 constant MAXM = 0x5f5e1000000000000000000; int128 constant MINM = 0x00000000000002af31dc461; These constants are used in...

Malicious user can drain the reserve during swaping and withdrawal

Lines of code Vulnerability details Impact A malicious user can drain pool reserves by calling the swapGivenInputAmount... function during swapping and also during withdrawal by calling withdrawGivenOutputAmount... and withdrawGivenInputAmount... during withdrawal leading to a loss of funds. Proo...

Attacker can profitable trade with the pool

Lines of code Vulnerability details Impact The swap invariant used is unstable with large pool reserves locked. An attacker can generate a profit by trading with the pool, hurting Liquidity Providers. Proof of Concept To find some vulernable configurations we fuzzed the swap function of the Prote...

roundedSpecifiedAmount can overflow in _swap() and lead to incorrect xf and yf values

Lines of code Vulnerability details Impact This can allow attackers to manipulate the price of the pool by depositing large amounts that trigger the overflow. Proof of Concept The swap function first calculates roundedSpecifiedAmount by calling applyFeeByRounding. In applyFeeByRounding, the...

Swapping lacks deadline check

Lines of code Vulnerability details Impact There is no deadline when swapping tokens using EvolvingProteus. Swaps that are done through low gas transactions may be stuck in the mempool for a long time, resulting in unfavourable swap. Proof of Concept Evolving prometeus seems like an upgrade to...

Potential pools unavailable

Lines of code Vulnerability details Impact The function getPointGivenXandUtility may always rollback and report an error CurveError. Proof of Concept According to the formula y = k^2 u^2/aku + x - bku, it is possible to find the other coordinates of a point on the curve when given a u and a...

Lack of events in EvolvingProteus contract

Lines of code Vulnerability details Impact There is no event emitted in the whole contract, even after executing sensitive actions like swaps between assets or at the constructor. That is bad because many automatic tools that monitors the contracts deployed rely on them. For example, see the swap...

ABDKMath64 performs multiplication on results of division

Lines of code Vulnerability details Impact Solidity could truncate the results, performing multiplication before division will prevent rounding/truncation in solidity math. POC: EvolvingProteus is using ABDKMath64x64 library which is doing performing multiplication before division this can roundi...

Lack of slippage parameter in swap can cause losses for users

Lines of code Vulnerability details Impact Users can incure losses do to lack of slippage control. Detailed description of the impact of this finding. Slippage control helps to safeguard user funds against price falling below a certain threshold. This can be caused byfrontrunning attack. Proof of...

overflow vulnerability in the _lpTokenSpecified() function when calculating computedAmount

Lines of code Vulnerability details Impact uf will be incorrect, which will lead to incorrect final price points xf, yf and ultimately an incorrect computedAmount. It also allows an attacker to manipulate the pool in their favor by depositing or withdrawing more assets than they should be able to...

Utility per LP token can decrease in some cases.

Lines of code Vulnerability details Impact Utility per LP token can decrease in some cases. Proof of Concept The documentation in contest repo states that Within a timeslice a single block, no set of transactions swaps, deposits, withdrawals should result in a decrease of the utility per LP token...

The code uses block.timestamp for calculating the duration of the curve evolution which can be manipulated by miners

Lines of code L72 Vulnerability details Impact block.timestamp is used to set the initial time tinit and the final time tfinal for the curve's evolution - the duration over which these prices change tinit, tfinal. The potential issue here is that block.timestamp can be manipulated by miners to a...

UNSAFE CASTING CAN LEAD TO ERRORNEOUS utility VALUE CALCULATION

Lines of code Vulnerability details Impact The EvolvingProteus.getUtility function is used to calculate the utility value of the pool at the time of the function call. The utilitiy is calculated using a quadratic formula which is shown below: kab - 1u2 + ay + bxu + xy/k = 0 Above quadratic equati...

Validating input parameters with the max value of uint

Lines of code Vulnerability details Impact Validating input values with uint256.max will not revert in any condition as solidity v0.8.0 reverts on overflow and underflow. Detailed description of the impact of this finding. Due to solidity v0.8.0 which reverts on overflow and underflow of integer...

Missing balance checks in _reserveTokenSpecified()

Lines of code Vulnerability details Impact There is a missing balance check in reserveTokenSpecified, which allows reserve tokens to be withdrawn or deposited into illegal balances, which may cause subsequent transactions to revert. It also allows the pool to be killed by withdrawing all balances...

Division before multiplication incurs larger precision loss

Lines of code Vulnerability details Impact There are couple of instance of using result of a division for multiplication while can cause larger precision loss. Proof of Concept In contract EvolvingProteus.sol, value of int128 two at line 709 is calculated by using ABDKMath64x64.divu function. The...

Missing balance checks in _reserveTokenSpecified()

Lines of code Vulnerability details Impact By calling depositGivenInputAmount and withdrawGivenOutputAmount which both call 'reserveTokenSpecified', users may potentially create scenarios where the balance ratio allowed for the EvolvedProtocol.sol deployment is violated. POC depositGivenInputAmou...

_getUtility function may be vulnerable to precision loss

Lines of code Vulnerability details Impact When calculating r0 and r1 in the getUtility function precision loss may occur due to the use of the standard devision operator / instead of the devision functions of ABDKMath64x64. As the other values in the equation make use of the library's methods if...

Liquidity concentration rate is reduced by the use of timestamp instead of block number

Lines of code Vulnerability details Impact Liquidity concentration rate is reduced by the use of timestamp instead of block number Proof of Concept The document states that This primitive can passively update liquidity concentration over time. You can think of it like a hybrid between a Balancer...

Vulnerability in swapGivenInputAmount Function that could Leads to Unintended Token Draining

Lines of code Vulnerability details Impact The vulnerability discovered in the swapGivenInputAmount function has the potential to cause unintended token draining in the smart contract. Due to an incorrect check for a negative result in the code requireresult 0;, the function may allow swaps to...

Wrong check applied on certain function.

Lines of code Vulnerability details Impact function which applied the require check for amount will always gets revert like swapGivenInputAmount , withdrawGivenOutputAmount , withdrawGivenInputAmount Proof of Concept under function given above a wrong is made which always get revert when the amou...