Lack of protection when withdrawing Static Atoken
Lines of code Vulnerability details Impact The Aave plugin is associated with an ever-increasing exchange rate. The earlier a user wraps the AToken, the more Static Atoken will be minted and understandably no slippage protection is needed. However, since the rate is not linearly increasing,...
Potential Early Exploit in Morpho-Aave ERC4626 Implementation
Lines of code Vulnerability details Impact The issue discovered can be exploited when a vault is initially empty. A malicious actor could frontrun a legitimate user's deposit, contributing a negligible amount to the vault. This allows the actor to own shares while the total asset in the vault is...
Lack of protection when calling CusdcV3Wrapper._withdraw
Lines of code Vulnerability details Impact When unwrapping the wComet to its rebasing comet, users with an equivalent amount of wComet invoking CusdcV3Wrapper.withdraw at around the same time could end up having different percentage gains because comet is not linearly rebasing. Moreover, the...
Potential Loss of Rewards During Token Transfers in StaticATokenLM.sol
Lines of code Vulnerability details Impact This issue could lead to a permanent loss of rewards for the transferer of the token. During the token transfer process, the beforeTokenTransfer function updates rewards for both the sender and the receiver. However, due to the specific call order and th...
User can bypass their approved redeem allowance
Lines of code Vulnerability details Impact The caller can bypass the allowance check by exploiting the exchange rate calculation and drain funds from the contract up to the full balance owned by msg.sender, not just the amount approved in the allowance. Proof of Concept The issue is that...
Anyone can burn/steal other users' wrapped follow NFTs
Lines of code Vulnerability details Impact Anyone can unwrap any follow NFT Attackers can steal follows by burning them Owners lose their follows without consent Proof of Concept The lack of ownership check in the unwrap function creates a vulnerability where anyone can unwrap and steal a follow...
lack of payable
Lines of code Vulnerability details Impact If it is not marked payable, the contract will throw an exception if it receives plain ether without data. Proof of Concept Tools Used Recommended Mitigation Steps fallback function should be payable Assessed type Payable
Missing check of how recent the price is can lead to stale price being used in the protocol
Lines of code Vulnerability details Impact In the ChainlinkOracle.sol file, in the function getChainlinkPrice(AggregatorV3Interface feed), there is the check require(updatedAt != 0, "Round is in incompleted state");. However, there is no check to see that the price is recent and acceptable. If there ...
First mint user can inflate share which can steal asset from other user
Lines of code Vulnerability details Impact A well-known inflation attack/first deposit mint bug. The attacker can steal assets from other user's deposit mint. Proof of Concept The Moonwell project is a fork from the Compound Protocol. The MToken the MToken on Compound represents a yield-bearing...
The owner can call _upgrade directly, skipping executeLensV2Upgrade.
Lines of code Vulnerability details Impact Loss of funds due to skipped checks before transfers Invalid system state due to assuming conditions not verified Hiding failed upgrade due to skipped revert/events Proof of Concept upgrade is missing an onlyOwner modifier By calling upgrade directly, th...
Using LensBaseERC721::_safeTransfer may lead to tokens being locked forever
Lines of code Vulnerability details Impact As we are all aware of, the OZ Address.sol function isContract can be bypassed because as the docs say: It is unsafe to assume that an address for which this function returns false is an externally-owned account (EOA) and not a contract. Among others,...
EIP-712 typehash is incorrect for several functions in MetaTxLib
Lines of code Vulnerability details Bug Description In LensHub.sol, the second parameter of setProfileMetadataURIWithSig is declared as metadataURI: LensHub.solL119-L123 function setProfileMetadataURIWithSig uint256 profileId, string calldata metadataURI, Types.EIP712Signature calldata signature...
liquidateBorrow() mTokens that do not enter the market can still be liquidated as collateral
Lines of code Vulnerability details Impact A borrower's mTokens that do not join the market can still be liquidated as collateral. Proof of Concept If a user wants to use an mToken as collateral, the user needs to enter the market with the enterMarket function. / @notice Add assets to be included in account...
Incorrect liquidity calculations if snapshot errors occur
Lines of code Vulnerability details Impact incorrect liquidity values that undermine the risk checks and constraints of the protocol Proof of Concept getHypotheticalAccountLiquidityInternal does not handle snapshot errors properly. Specifically: It calls MToken.getAccountSnapshot to get the...
BORROWERS CAN AVOID LIQUIDATIONS, IF ERC777 TOKEN IS CONFIGURED AS AN emissionToken
Lines of code Vulnerability details Impact If a borrower is undercollateralized then he can be liquidated by a liquidator by calling the MErc20.liquidateBorrow function. liquidateBorrow function calls the MToken.liquidateBorrowFresh in its execution process. Inside the liquidateBorrowFresh functi...
Cannot unwrap token after recovering through wrapping
Lines of code Vulnerability details Impact Cannot unwrap token after recovering through wrapping. Proof of Concept FollowNFTunwrap checks if followerProfileId for the token is not 0: if (followDataByFollowTokenId[followTokenId].followerProfileId == 0) revert NotFollowing(); while after recovering token...
Inconsistent encoding of arrays in MetaTxLib
Lines of code Vulnerability details Bug Description According to the EIP-712 specification, arrays are encoded by concatenating their elements and passing the result to keccak256: The array values are encoded as the keccak256 hash of the concatenated encodeData of their contents i.e. the encoding o...
Users can burn follow token without unfollow
Lines of code Vulnerability details Impact Lack of access control in this function can lead to users burning their tokens without updating related mappings. For example in the FollowNFT.sol contract, burn function will call unfollowIfHasFollower function first, and then burn token. But even users...
High - TemporalGovernor.sol - Malicious Governance Proposals can interact with Metamorphic Contracts resulting in Business Critical Risk to the Protocol
Lines of code Vulnerability details High - TemporalGovernor.sol - Malicious Governance Proposals can interact with Metamorphic Contracts resulting in Business Critical Risk to the Protocol Impact Due to the permissionless governance execution method, with no ascribed or implemented security...
Missing Input Validation and Error Definition
Lines of code Vulnerability details Impact Missing Input Validation and Error Definition of globalSupplyIndex & globalBorrowIndex in L827-L844 & L865-L883 respectively of MultiRewardDistributor.sol could create complications as "sub" function of L844 & L883 would stop execution in cases of...
setDirectPrice is vulnerable to sandwich attack
Lines of code Vulnerability details Impact In ChainlinkOracle.sol we have setDirectPrice: function setDirectPrice(address asset, uint256 price) external onlyAdmin { emit PricePosted(asset, prices[asset], price, price); prices[asset] = price; } This function setDirectPrice allows the admin...
executeProposal can fail due to Wormhole guardian change
Lines of code Vulnerability details Impact Wormhole governance can change signing guardian sets. If this happens between when a proposal is queued and when it is executed, the second verification in executeProposal will fail as the guardian set has changed between queuing and executing. This would...
Attacker can Steal all eths of WETHRouter.sol through redeem function
Lines of code Vulnerability details Impact An attacker can Steal eths through redeem function in WETHRouter.sol as you know the contract does the redeem process and redeem user mTokens to ETHs, and as you know we have the function of mint which is the opposite of this and users deposit ETH in ord...
initialize() function can be manipulated by attacker
Lines of code Vulnerability details Impact The initialize function in the FollowNFT.sol contract is external and everyone can call this function. A comment in the code says: "This is called right after deployment by the LensHub, so we can skip the onlyHub check." But in this scenario, attacker can call...
Overflow/underflow when creating the exchange rate Exp.
Lines of code Vulnerability details Impact Incorrect exchange rate values Proof of Concept the exchangeRateStoredInternal function is missing validation on the Exp mantissa size before creating the exchange rate Exp. This could lead to overflow. This would make the mantissa of exchangeRate equal ...
Any user can claim rewards infinitely from the market without respecting the accrued rewards time
Lines of code Vulnerability details Impact calculateSupplyRewardsForUser updates the user accrued rewards based on the user balance of mTokens & on global and user indices difference which is the time difference between the last reward claim and the current time. Comptroller contract: one of the...
Current setUnderlyingPrice and setDirectPrice open to incorrect liquidation of users' positions and result in financial losses for users
Lines of code Vulnerability details Impact Price feeds can be affected by network congestion, causing transactions with outdated prices to be treated as current prices. As price feeds are crucial to the protocol's functioning, this situation can lead to incorrect liquidation of users' positions a...
the unbounded approve function allows a front-running vulnerability due to setting unlimited allowance.
Lines of code Vulnerability details Impact If approve is called with a very high allowance, the spender can drain the owner's entire balance. Proof of Concept approve allows setting an allowance to any arbitrary uint256 value, including type(uint).max. This effectively gives unlimited approval to t...
[ H ] Infinite loop in calculateNewIndex prevents tokens from being minted and rewards from being distributed
Lines of code Vulnerability details Impact Recursive calls from calculateNewIndex in MultiRewardDistributor will result in an infinite loop and out of gas errors, preventing tokens from being minted and rewards being sent to some users as disburseSupplierRewardsInternal will not be called. Proof ...
Race condition in approve function can lead to more funds than intended being transferred
Lines of code Vulnerability details Impact The approve function from MToken.sol contains a front-running vulnerability that allows a user to spend more tokens than he should. Proof of Concept Let's take the following scenario: 1. Alice calls approve(Eve, 10). This permits Eve to spend 10 tokens from...
Any extra reward tokens that accumulate in the contract remain locked there permanently.
Lines of code Vulnerability details Impact Funds get locked in contract resulting to Loss of asset control, funds and increased costs to recover fund Proof of Concept Reviewing the list of external and public functions, there is no withdraw or reclaim function: 2. Scanning the contract code, ther...
Users positions can be directly liquidated when the admin changes the collateralFactorMantissa from a higher value to a lower value
Lines of code Vulnerability details Impact In Comptroller contract: Market.collateralFactorMantissa multiplier represents the maximum underlying asset amount the depositors can borrow against their collateral in a market, for example: if it is set to 0.9, then 90% of collateral value is allowed to b...
Integer overflow in getDerivedPrice()
Lines of code Vulnerability details Impact An integer overflow could cause the getDerivedPrice function to return an incorrect price. This could lead to financial losses for users of the contract. Proof of Concept Sure, I can generate a report with this information for all the bugs in the smart...
Users repay more than the approved amount.
Lines of code Vulnerability details Impact More tokens can be repaid than were approved leading to loss of funds Proof of Concept The repayBorrowFresh function does the following: 1. Checks if repay is allowed by calling comptroller.repayBorrowAllowed with the input repayAmount. 2. Fetches the...
Unauthorized Admin Transfer Vulnerability
Lines of code Vulnerability details Description The bug in this contract is that it doesn't handle the case when the pendingAdmin is set to the zero address address(0). As per the condition msg.sender == address(0), the if statement can be bypassed if an attacker sets pendingAdmin to the zero address...
External visibility modifier on function that should be callable from address(this). Doesn't seem right.
Lines of code Vulnerability details Impact External visibility modifier on function that should be callable from address(this). Doesn't seem right. Proof of Concept /// @notice grant the guardians the pause ability function grantGuardiansPause() external { require(msg.sender == address(this), /// @audit i...
the check for the roundId == answeredInRound should be set to >= in the ChainlinkCompositeOracle.sol#getPriceAndDecimals
Lines of code Vulnerability details Impact The function getPriceAndDecimals has a check that the round id is equal to the answer in round ID. This check should be changed to >= because some roundID may get the data/answers in the round that is more than the roundId and this case is...
the TemporalGovernor.sol can be unpaused when it should still be in the pause mode
Lines of code Vulnerability details Impact The TemporalGovernor is implemented in a way that if the guardians pause the system then the system will be paused for a period of time and the system will remove the guardians' approval till the system re-approves them again and goes to the unpause mode, the...
approve() can be front-run
Lines of code Vulnerability details Impact In MToken.sol we have approve function: function approve(address spender, uint256 amount) override external returns (bool) { address src = msg.sender; transferAllowances[src][spender] = amount; emit Approval(src, spender, amount); ...
The project's reputation and user funds can be affected if a clear invariant is not met
Lines of code Vulnerability details Impact The protocol may not work as expected in years that are not 365 days long, which could lead to a loss of confidence in the protocol. In fact, the next year is one of those years (leap year). Furthermore, defining it as a constant in t...
## [M-07] ERC20 return values not checked
Lines of code Vulnerability details Impact Tokens that don’t actually perform the transfer and return false are still counted as a correct transfer and the tokens remain in the SingleNativeTokenExitV2 contract and could potentially be stolen by someone else. Proof of Concept The ERC20.transfer an...
Inaccurate implementation of ECDSA creates signature malleability
Lines of code Vulnerability details Impact The ecrecover function is an inherent cryptographic function within Solidity which enables the retrieval of the signer's address messages which have been signed with their private key. Of course, this is very important when it comes to verifying the...
No Receive function in TemporalGovernor contract
Lines of code Vulnerability details Impact The function executeProposal in TemporalGovernor contract will fail if there is a value to send with the call to the targets. The executeProposal function could send native token out along with a call to the targets encoded in vm.payload, but the current...
Potential Exploitation due to Lack of Price Range Checks in Oracle Implementation
Lines of code Vulnerability details Impact Chainlink aggregators have a built in circuit breaker if the price of an asset goes outside of a predetermined price band. The result is that if an asset experiences a huge drop in value i.e. LUNA crash the price of the oracle will continue to return the...
Potential Stale Data Due to Inadequate Round Validation
Lines of code Vulnerability details Impact Even though the dev is checking if the data is stale or not some valid prices could still be considered as invalid because of this line: answeredInRound == roundId, sometimes the answeredInRound might be greater than roundId and would still be valid but i...
Chainlink's latestRoundData might return stale or incorrect results
Lines of code Vulnerability details Impact Chainlink's latestRoundData is used but there is no check if the return value indicates stale data. This could return stale price data for the underlying asset. Proof of Concept getChainlinkPrice function uses Chainlink's latestRoundData to get the lates...
FollowNFT storage collision
Lines of code Vulnerability details Impact The lastFollowTokenId of FollowNFT contract has a storage collision. V2.0 storage layout: | lastFollowTokenId | uint128 | 17 | 0 | 16 | contracts/FollowNFT.sol:FollowNFT | | followerCount | uint128 | 17 | 16 | 16 | contracts/FollowNFT.sol:FollowNFT |...
The onlyProfileOwnerOrDelegatedExecutor and whenNotPaused checks can be bypassed
Lines of code Vulnerability details Impact The LensHub.sol functions setProfileMetadataURI, setProfileMetadataURIWithSig, setFollowModule, setFollowModuleWithSig, collect, collectWithSig, act, actWithSig, setProfileImageURI, setProfileImageURIWithSig and others use...
In LensBaseERC721.sol#_transfer() Lack of check from==to
Lines of code Vulnerability details Impact In LensBaseERC721.sol#_transfer balances of from and to are stored in temporary variables and after the subtraction, addition operation the results are written to storage. In the second operation since the original balance is used in the addition operation,...
processBlock() function forcibly wrapping a follow NFT could lock it without the owner's consent
Lines of code Vulnerability details Impact It locks the NFT against the owner's wishes. Proof of Concept processBlock is called by the LensHub when a profile is blocked It first checks if the follow NFT is wrapped using isFollowTokenWrapped If not wrapped, it forces wrapping by minting to the own...