10190 matches found
Overwriting rdpxAmount Without Checks
Lines of code Vulnerability details Impact The decreaseAmount function, specifically the line bonds[bondId].rdpxAmount = amount;. This vulnerability allows overwriting the rdpxAmount without any checks or backups, which can result in irreversible data loss. function decreaseAmount(uint256 bondId,...
RDPX price manipulation benefit for attacker via a Flashloan attack
Lines of code Vulnerability details Impact As the RdpxV2Core contract burns RDPX tokens, a malicious attacker can benefit from a price manipulation attack using a flashloan attack Proof of Concept The function bond in the RdpxV2Core contract is a primary function to enter the protocol and bond...
LastRewardRound is sometimes not checkpointed for Delegators
Lines of code Vulnerability details Impact lastRewardRound is not updated/checkpointed for delegators when transcoder changes state. This results in incorrect rewards and votes. It also violates this checkpointing condition specified by the technical specification: Quote: "In practical terms, it...
Initialization Issue in EarningsPoolL
Lines of code Vulnerability details Impact The vulnerable part in code: uint256 prevCumulativeRewardFactor = prevEarningsPool.cumulativeRewardFactor != 0 ? prevEarningsPool.cumulativeRewardFactor : PreciseMathUtils.percPoints(1, 1); earningsPool.cumulativeRewardFactor =...
Upgraded Q -> 2 from #26 [1693915911684]
Judge has assessed an item in Issue 26 as 2 risk. The relevant finding follows: Curve Read-only Reentrancy can increase the price of some CurveStableCollateral
Upgraded Q -> 2 from #112 [1693761181150]
Judge has assessed an item in Issue 112 as 2 risk. The relevant finding follows: If a profile gets blocked, the user can refollow by accepting a pre-upgrade followNFT and then using the batchMigrateFollows function.
Validating input parameters with the max value of uint
Lines of code Vulnerability details Impact Validating input values with uint256.max will not revert in any condition as solidity v0.8.0 reverts on overflow and underflow. Detailed description of the impact of this finding. Due to solidity v0.8.0 which reverts on overflow and underflow of integer...
KEY INVARIANT RELATED TO THE FIXED_FEE AMOUNT CAN BE BROKEN
Lines of code Vulnerability details Impact The EvolvingProteus.applyFeeByRounding function is used to charge fees by rounding values in directions that are beneficial to the pool. Within this function there is an if condition which verifies that the calculated final amount is not less than the...
Existing checks with INT_MAX are insufficient such that the contract becomes dysfunctional after initial deployment of some large balance(s)
Lines of code Vulnerability details Impact EvolvingProteus.sol contains a variety of functions which detail the price in tokens to be paid in swaps, withdraws, and deposits. In external functions such as depositGivenInputAmount, as well as internal functions such as _checkBalances, there exists a...
Missing slippage protection in _swap()
Lines of code Vulnerability details Impact Without slippage, if the price of the tokens changes significantly during the swap, it could result in a large slippage, causing users to lose a significant amount of funds. An attacker can watch the mempool and then using flash bots execute a sandwich...
Mint/Burn amount during LP addition/removal changes with time
Lines of code Vulnerability details Impact When a user adds LP to the pool, they get LP tokens which they can later use to redeem their positions. The issue is that since the utility and the curve parameters change with time, so does the value of the LP tokens. Say a user wants to deposit 1 ETH t...
Attacker can profitably trade with the pool
Lines of code Vulnerability details Impact The swap invariant used is unstable with large pool reserves locked. An attacker can generate a profit by trading with the pool, hurting Liquidity Providers. Proof of Concept To find some vulnerable configurations we fuzzed the swap function of the Prote...
Malicious user can drain the reserve during swapping and withdrawal
Lines of code Vulnerability details Impact A malicious user can drain pool reserves by calling the swapGivenInputAmount... function during swapping and also during withdrawal by calling withdrawGivenOutputAmount... and withdrawGivenInputAmount... during withdrawal leading to a loss of funds. Proo...
ABDKMath64 performs multiplication on results of division
Lines of code Vulnerability details Impact Solidity could truncate the results, performing multiplication before division will prevent rounding/truncation in Solidity math. POC: EvolvingProteus is using ABDKMath64x64 library which is performing multiplication before division this can roundi...
Error of computation break the LpTokens supply, causes users to lose funds and make functions using _getUtilityFinalLp() broken.
Lines of code Vulnerability details Impact withdrawGivenOutputAmount and withdrawGivenInputAmount functions don't revert when balance of tokenX/tokenY = 0 and create an offset between reserve tokens and LP total supply. This leads to unwanted behaviors for the next operations on the protocol...
Upgraded Q -> 2 from #112 [1693238992728]
Judge has assessed an item in Issue 112 as 2 risk. The relevant finding follows: A profile can follow itself by receiving a pre-upgrade followNFT and then using the batchMigrateFollows function.
Wrong check applied on certain function.
Lines of code Vulnerability details Impact function which applied the require check for amount will always revert like swapGivenInputAmount, withdrawGivenOutputAmount, withdrawGivenInputAmount Proof of Concept under function given above a wrong is made which always get revert when the amou...
swapGivenInputAmount() will always revert
Lines of code Vulnerability details Impact swapGivenInputAmount... will always revert leading to a Denial of service. Proof of Concept A call to swapGivenInputAmount... will always revert owing to the logic implementation in the function. function swapGivenInputAmount(uint256 xBalance, uint256...
No deadline check when swapping tokens in swapGivenInputAmount() and swapGivenOutputAmount
Lines of code Vulnerability details Impact Missing deadline checks allow pending transactions to be maliciously executed in the future. Without deadline parameters, as a consequence, users can have their operations executed at unexpected times, when the market conditions are unfavorable. Proof of...
reserve balances AND reserve balance ratio INVARIANTS ARE NOT CHECKED INSIDE THE _reserveTokenSpecified FUNCTION THUS ENABLING deposit AND withdraw TRANSACTIONS TO BREAK THESE INVARIANTS
Lines of code Vulnerability details Impact The EvolvingProteus.depositGivenInputAmount function is used to calculate the output amount of LP tokens given an input amount of reserve tokens. The EvolvingProteus.withdrawGivenOutputAmount function is used to calculate the amount of LP tokens that mus...
The code uses block.timestamp for calculating the duration of the curve evolution which can be manipulated by miners
Lines of code L72 Vulnerability details Impact block.timestamp is used to set the initial time tinit and the final time tfinal for the curve's evolution - the duration over which these prices change tinit, tfinal. The potential issue here is that block.timestamp can be manipulated by miners to a...
UNSAFE CASTING CAN LEAD TO ERRONEOUS utility VALUE CALCULATION
Lines of code Vulnerability details Impact The EvolvingProteus.getUtility function is used to calculate the utility value of the pool at the time of the function call. The utility is calculated using a quadratic formula which is shown below: k(ab - 1)u^2 + (ay + bx)u + xy/k = 0 Above quadratic equati...
Upgraded Q -> 2 from #55 [1693255720314]
Judge has assessed an item in Issue 55 as 2 risk. The relevant finding follows: If we take a look at the EIP712 standard it states the following The array values are encoded as the keccak256 hash of the concatenated encodeData of their contents i.e. the encoding of SomeType5 is identical to that ...
withdrawGivenInputAmount() calls _lpTokenSpecified with the wrong value of feeDirection
Lines of code Vulnerability details Impact withdrawGivenInputAmount calls _lpTokenSpecified with the wrong value of feeDirection: function withdrawGivenInputAmount(uint256 xBalance, uint256 yBalance, uint256 totalSupply, uint256 burnedAmount, SpecifiedToken...
Potential pools unavailable
Lines of code Vulnerability details Impact The function getPointGivenXandUtility may always rollback and report an error CurveError. Proof of Concept According to the formula y = k^2 u^2/(aku + x) - bku, it is possible to find the other coordinates of a point on the curve when given a u and a...
overflow vulnerability in the _lpTokenSpecified() function when calculating computedAmount
Lines of code Vulnerability details Impact uf will be incorrect, which will lead to incorrect final price points xf, yf and ultimately an incorrect computedAmount. It also allows an attacker to manipulate the pool in their favor by depositing or withdrawing more assets than they should be able to...
Rounding Issue and Inconsistent Fee Application
Lines of code Vulnerability details Summary There is a bug in the swap function. The bug can potentially cause incorrect balance checks and outputs when swapping. This issue arises due to improper usage of the applyFeeByRounding function. Affected Function: swap Details: In the swap function, the...
Improper handling of cases when total supply = 0
Lines of code Vulnerability details Impact Improper handling of cases when total supply = 0 AMM engine may not be started. Proof of Concept Considering if a vault uses Shell as its AMM engine. At the start, the vault has 0 X and Y balance and someone tries to deposit tokens to it, this process will...
Condition will not revert when block.timestamp is == to the compared variable
Lines of code Vulnerability details Medium Issues | | Issue | Instances ---|---|--- M-1 | Condition will not revert when block.timestamp is == to the compared variable | 1 M-1 Condition will not revert when block.timestamp is == to the compared variable The condition does not revert when...
RESERVE BALANCE BOUNDARY CHECKS IN _checkBalances FUNCTION IS ERRONEOUS DUE TO WRONG INPUT PARAMETERS PASSED IN
Lines of code Vulnerability details Impact The EvolvingProteus.swap function is used to swap one token Specified token to another non-specified token using the liquidity pool. The protocol charges the fee on the swap transactions by calling the applyFeeByRounding function as shown below:...
Accounting for Fixed_Fee and Base_Fee twice leading to less amount or token received
Lines of code Vulnerability details Impact There are multiple instances where fees are deducted twice. I will explain this with one function similar logic follows in other functions as well. So whenever the swapGivenInputAmount function is called by the user with inputAmount provided by the user th...
_getUtility function may be vulnerable to precision loss
Lines of code Vulnerability details Impact When calculating r0 and r1 in the getUtility function precision loss may occur due to the use of the standard division operator / instead of the division functions of ABDKMath64x64. As the other values in the equation make use of the library's methods if...
Utility per LP token can decrease in some cases.
Lines of code Vulnerability details Impact Utility per LP token can decrease in some cases. Proof of Concept The documentation in contest repo states that Within a timeslice a single block, no set of transactions swaps, deposits, withdrawals should result in a decrease of the utility per LP token...
Missing _checkAmountWithBalance check in deposit functions
Lines of code Vulnerability details Impact When computing the input or output amount of a swap _checkAmountWithBalance is called to ensure that precision errors do not occur and that the pool does not lose any value. However, _checkAmountWithBalance is not called in depositGivenInputAmount and...
Max Price Ratio Manipulation
Lines of code Vulnerability details Impact Vulnerable Part in Code: pyinit.divpyinit.subpxinit ABDKMath64x64.divuuintMAXPRICERATIO, 1 here is A scenario where the range of acceptable price ratios is between 1 and 100 for instance, due to a misconfiguration or oversight, the constant MAXPRICERATIO...
swapGivenInputAmount checks the wrong result out
Lines of code Vulnerability details Impact Wrong check amount results in unusable function. Proof of Concept swapGivenInputAmount calculates the value of result after calling swap. The check then requires that result 0. However, the comment states that amount cannot be less than 0...
Division before multiplication incurs larger precision loss
Lines of code Vulnerability details Impact There are a couple of instances of using result of a division for multiplication which can cause larger precision loss. Proof of Concept In contract EvolvingProteus.sol, value of int128 two at line 709 is calculated by using ABDKMath64x64.divu function. The...
AMM's invariant of maximum/minimum slopes is broken
Lines of code Vulnerability details Impact AMM's invariants are broken which might result in stale/unprofitable swaps Proof of Concept the function depositGivenInputAmount is used to preview amount of LP tokens using the function _reserveTokenSpecified function _reserveTokenSpecified(SpecifiedToken...
_reserveTokenSpecified does not check if price is in allowed range
Lines of code Vulnerability details Impact Price could go out of range Proof of Concept EvolvingProteus defines a price range using 2 constants, MAXM and MINM: int128 constant MAXM = 0x5f5e1000000000000000000; int128 constant MINM = 0x00000000000002af31dc461; These constants are used in...
Missing balance checks in _reserveTokenSpecified()
Lines of code Vulnerability details Impact By calling depositGivenInputAmount and withdrawGivenOutputAmount which both call '_reserveTokenSpecified', users may potentially create scenarios where the balance ratio allowed for the EvolvedProtocol.sol deployment is violated. POC depositGivenInputAmou...
Deposit / Withdraw with reserveTokenSpecified misses important checks
Lines of code Vulnerability details Impact When depositing or withdrawing liquidity and specifying the amount of reserve tokens, the protocol bypasses crucial checks ensuring the amounts locked don't become too small. This oversight allows a malicious actor to remove all but a negligible quantity...
roundedSpecifiedAmount can overflow in _swap() and lead to incorrect xf and yf values
Lines of code Vulnerability details Impact This can allow attackers to manipulate the price of the pool by depositing large amounts that trigger the overflow. Proof of Concept The _swap function first calculates roundedSpecifiedAmount by calling applyFeeByRounding. In applyFeeByRounding, the...
Lack of events in EvolvingProteus contract
Lines of code Vulnerability details Impact There is no event emitted in the whole contract, even after executing sensitive actions like swaps between assets or at the constructor. That is bad because many automatic tools that monitor the contracts deployed rely on them. For example, see the swap...
Lack of balance checks in the withdrawGivenOutputAmount function
Lines of code Vulnerability details Impact Lack of balance checks in the withdrawGivenOutputAmount function can lead to various unpredictable consequences due to the breach of requirements "The pool's balances of the x reserve and y reserve tokens must be greater than the MINBALANCE" and "The...
Invalid Error Reverts in Some Cases
Lines of code Vulnerability details Description: While reviewing the code, I noticed that there is a potential issue with the error revert conditions in the getPointGivenXandUtility and getPointGivenYandUtility functions. The error handling mechanism in these functions might not be functioning as...
Liquidity concentration rate is reduced by the use of timestamp instead of block number
Lines of code Vulnerability details Impact Liquidity concentration rate is reduced by the use of timestamp instead of block number Proof of Concept The document states that This primitive can passively update liquidity concentration over time. You can think of it like a hybrid between a Balancer...
Using incorrect parameter for checking the reserve
Lines of code Vulnerability details Impact At line 549 within the swap function's code, the internal call to the function _checkBalances checks the reserve for token x is carried out using xi + specifiedAmount instead of xi + roundedSpecifiedAmount. When using roundedSpecifiedAmount passes the che...
Missing balance checks in _reserveTokenSpecified()
Lines of code Vulnerability details Impact There is a missing balance check in _reserveTokenSpecified, which allows reserve tokens to be withdrawn or deposited into illegal balances, which may cause subsequent transactions to revert. It also allows the pool to be killed by withdrawing all balances...
MIN_PRICE_VALUE is incorrect
Lines of code Vulnerability details Impact The MIN_PRICE_VALUE variable is being calculated based on 10^10 instead of the intended 10^12. As a result, the MIN_PRICE_VALUE will be lower than expected with 2 decimal places precision, potentially allowing pxinit and pxfinal to be set lower than the...
Lack of balance checks in the depositGivenInputAmount function
Lines of code Vulnerability details Impact Lack of balance checks in the depositGivenInputAmount function can lead to various unpredictable consequences due to the breach of requirement "The pool's ratio of y to x must be within the interval MINM, MAXM". Proof of Concept The depositGivenInputAmou...