10190 matches found
There is no check to see if eth was successfully sent from ValidatorWithdrawalVault to StaderStakePoolsManager.
Lines of code Vulnerability details Impact Eth may not complete successfully. As a result, the user will not receive their share from the validator. Tools Used Manual audit Recommended Mitigation Steps Add to StaderStakePoolManager.receiveWithdrawVaultUserShare function. if (msg.value == 0) revert...
A lot with a lots.sdAmount less than the bidIncrement cannot be bid on
Lines of code Vulnerability details M-01 A lot with a lots.sdAmount less than the bidIncrement cannot be bid on Impact Everyone can create a lot by calling Auction.createLot with any arbitrary amount they specify. However, creating a lot with a low sdAmount can result in two potential issues: Whe...
The _poolId and _id values are not within the expected range and not performing appropriate bounds checking in the VAULTPROXY contract
Lines of code Vulnerability details Impact When the poolId and id values are not within the expected range and appropriate bounds checking is not performed in the contract, it can result in high risk and vulnerabilities. Here are some potential risks and vulnerabilities that can arise: 1. Invalid...
Oracle timeout at rebalance will result in a sell-off of all RSRs at 0 price
Lines of code Vulnerability details When creating the trade for rebalance, the RecollateralizationLibP1.nextTradePair uses uint192 low, uint192 high = rsrAsset.price; // UoA/tok to get the rsr sell price. And the rsr asset is a pure Asset contract, whose price function will just return 0, FIXMA...
Recipient address is not appropriately validated or sanitized in the BaseFeeVault contract (loss of funds)
Lines of code Vulnerability details Impact If the recipient address is not properly validated, an attacker could supply a malicious address as the recipient. This could result in the accumulated fees being sent to an unintended or unauthorized party. It could lead to financial loss or disruption ...
selfdestruct(self) does not clear balance
Lines of code Vulnerability details Impact Balance is stored in OVMETH contract, function opSuicide increments it, then Sucide does not change it, at the end of function it will be decremented. Which means it will not be changed. Proof of Concept // SPDX-License-Identifier: GPL-3.0 pragma solidit...
No stale data check on data being read from POR feed
Lines of code Vulnerability details Impact Stale exchange rate data being used by the protocol, resulting in loss in terms of ETHX being minted at a stale exchange rate which won't have accounted for new rewards Recommended Mitigation Steps Check lastUpdatedAt timestamp and that it is within...
Lack of Access Control
Lines of code Vulnerability details Impact The contract does not enforce proper access control mechanisms for critical functions such as deployWithdrawVault, deployNodeELRewardVault, updateStaderConfig, and updateVaultProxyAddress. As a result, any address can call these functions and potentially...
The increaseTotalValidatorActiveCount in PermissionedPool incorrectly adds requiredValidators instead of validatorToDeposit
Lines of code Vulnerability details Impact When the Stader Stake Pools Manager calls stakeUserETHToBeacon chain, it does so calculating the requiredValidators that can be added to the pool. The function internally also uses the allocateValidatorsAndUpdaterOperatorId to compute each operator's...
PoolSelector.computePoolAllocationForDeposit could return an unfair value.
Lines of code Vulnerability details Impact When calling StaderStakePoolsManager.validatorBatchDeposit, it calls PoolSelector.computePoolAllocationForDeposit to get the validator count to deposit for the pool. It calculates the count based on the capacity and the weight of the pool. However,...
Exchange rate is stale for deposit to calculate shares
Lines of code Vulnerability details Impact The attacker can take profit with the delayed exchange rate updating mechanism. He can deposit to the protocol to take a share of large mev reward generated by the protocol before the exchange rate update. Proof of Concept The getExchangeRate function is...
Centralization risk for trusted owners
Lines of code Vulnerability details Description: Contracts have owners that have privileged rights to perform admin tasks. These owners need to be trusted to not perform malicious updates or drain funds. Having a single Externally Owned Account EOA as the sole owner represents a significant...
pause/unpause functionalities not implemented in many pausable contracts
Lines of code Vulnerability details Impact The following contracts : SocializingPool, StaderOracle, OperatorRewardsCollector and Auction are supposed to be pausable as they all inherit from PausableUpgradeable but they don't implement the external pause/unpause functionalities which means it will...
stake before unfreeze can take away most of rsr rewards in the freeze period
Lines of code Vulnerability details If the system is frozen, the only allowed operation is stRST.stake. And the payoutRewards is not called during freeze period: if !main.frozen payoutRewards; function payoutRewards external requireNotFrozen; payoutRewards; So the payoutLastPaid stays before the...
VaultProxy implementation can be initialized by anyone and self-destructed
Lines of code Vulnerability details Impact When the VaultFactory contract is deployed and initialized, the initialise method on the newly created VaultProxy implementation contract is never called. As such, anyone can call that method and pass in whatever values they want as arguments. One...
Missing Return Statement in the poolAllocationForExcessETHDeposit function
Lines of code contracts/PoolSelector.solL76-L111 Vulnerability details Impact The poolAllocationForExcessETHDeposituint256 excessETHAmount function is declared to return two arrays, but it does not contain a return statement. As a result, this function will always return two empty arrays regardle...
Unauthorized Access and Control in Proxy Contract
Lines of code Vulnerability details Summary: The code contains a bug that can lead to unauthorized access and control over the contract. This bug allows any caller, even those who are not the owner or address0, to bypass the intended access control mechanisms and execute arbitrary code on the...
Lack of expiration time for cross-chain message passing
Lines of code Vulnerability details Lack of expiration time for cross-chain message passing Summary Lack of expiration time for cross-chain message passing Vulnerability Detail In the current implementation, the L1CrossDomainMessagern.sol inherits from CrossDomainMessager.sol and...
NodeOperator will steal other NodeOperators' validators through frontrunning
Lines of code Vulnerability details Impact People that want to earn staking rewards, but do not have the resources to run validators, will see Stader as an avenue where they can easily steal and use others validators and they will actually earn Operator rewards from Stader. This could lead to two...
Attacker can steal CrossDomainMessenger and OptimismPortal token balances or tokens of anyone give approval for those contracts
Lines of code Vulnerability details Impact Contracts CrossDomainMessenger and OptimismPortal are part of the bridge protocol and they are responsible for sending messages between two networks. They both call arbitrary address with arbitrary data that user specified and it would give attacker to...
Stader OPERATOR is single point of failure
Lines of code Vulnerability details Impact The OPERATOR role holds a lot of power within the system, which can compromise both the system integrity and its permissionless nature. Proof of Concept The OPERATOR key is responsible for confirming marking each validator submitted key as either...
Problem with ValidatorStatus.INITIALIZED
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. The default value for Enums in solidity are always the first parameters in them. In the ValidatorStatus Enum however, INITIALIZED is the first value and therefore the default value of the ValidatorStatu...
The owner is a single point of failure and a centralization risk
Lines of code Vulnerability details Impact Having a single EOA as the only owner of contracts is a large centralization risk and a single point of failure. A single private key may be taken in a hack, or the sole holder of the key may become unable to retrieve the key when necessary. Similar...
Adding Block.number to Block.timestamp
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. In the highlighted functions, the lastExcessETHDepositBlock is updated every time the function depositETHOverTargetWeight is called because it is set to the last block.number. If the function is called...
VaultProxy can be selfdestructed using delegatecall
Lines of code Vulnerability details Impact Attacker can selfdestruct VaultProxy deployment. constructor //initialise the vault proxy with data function initialise bool isValidatorWithdrawalVault, uint8 poolId, uint256 id, address staderConfig external if isInitialized revert AlreadyInitialized;...
No way out of the loop if operator not active
Lines of code Vulnerability details Impact There is no way out of the loop if operator not active. do if !operatorStructByIdi.active continue; uint256 remainingCapacity = validatorPerOperatorGreaterThanZero ? remainingOperatorCapacityi : getOperatorQueuedValidatorCounti; uint256 newSelectedCapaci...
The utilization of a hardcoded time value is incorrect when deployed to blockchains other than Ethereum
Lines of code Vulnerability details Medium Title: The utilization of a hardcoded time value is incorrect when deployed to blockchains other than Ethereum Impact The hardcoded value of the MINAUCTIONDURATION constant in the Auction contract becomes problematic when deploying the contracts on faste...
The admin address used in initialize function, can behave maliciously
Lines of code Vulnerability details N.B.: This bug is different than the other one titled "Risk of losing admin access if updateAdmin set with same current admin address". Both issues are related to access control, but the impact, root cause and bug fix are different, so DO NOT mark it as dupliat...
Upgraded Q -> 2 from #240 [1686228552856]
Judge has assessed an item in Issue 240 as 2 risk. The relevant finding follows: L-02
Pausing Optimism Portal only pauses withdrawals, can result in locked or lost funds
Lines of code Vulnerability details The comment over OptimismPortal.pause indicates pause should affect both deposits and withdrawals. Currently, only finalizeWithdrawalTransaction and proveWithdrawlTransaction implement the whenNotPaused modifier. Both depositTransaction and donateETH do not...
Upgraded Q -> 3 from #240 [1686228527253]
Judge has assessed an item in Issue 240 as 3 risk. The relevant finding follows: L-01
Upgraded Q -> 2 from #28 [1686212158430]
Judge has assessed an item in Issue 28 as 2 risk. The relevant finding follows: L-9 Griefer can DoS lender NFT withdrawals
Attacker can disable basket during un-registration, which can cause an unnecessary trade in some cases
Lines of code Vulnerability details At the mitigation contest there was an issue regarding the basketHandler.quantity call at the unregistration process taking up all gas. As a mitigation to that issue the devs set aside some gas and use the remaining to do that call. This opens up to a new kind ...
The owner is a single point of failure and a centralization risk (06 Instances)
Lines of code Vulnerability details Impact Having a single EOA as the only owner of contracts is a large centralization risk and a single point of failure. A single private key may be taken in a hack, or the sole holder of the key may become unable to retrieve the key when necessary. Tools Used...
Custom redemption might revert if old assets were unregistered
Lines of code Vulnerability details quoteCustomRedemption works under the assumption that the maximum size of the erc20sAll should be assetRegistry.size, however there can be cases where an asset was unregistered but still exists in an old basket, making the size of the old basket greater than...
Use of wrong Library file directory
Lines of code Vulnerability details Impact Importing the wrong library file path in the Vault Factory contract can pose several risks: Functionality Issues: If you import the wrong library, the functions and features you expect to use may not be available or may behave differently. This can lead ...
An oracle deprecation might lead the protocol to sell assets for a low price
Lines of code Vulnerability details During a Dutch Auction, if a user places a bid, the trade is settled in the same transaction. As part of this process, the backing manager tries to call the rebalance function again. The call to rebalance is wrapped in a try-catch block, if an error occurs and...
cancelUnstake() doesn't payout rewards first
Lines of code Vulnerability details The new cancelUnstake function allows users to cancel their unstaking, by taking the user's drafts and minting it again. However, since the payoutRewards isn't being called this means that the user would get rewards for the period between the last time...
Upgraded Q -> 2 from #240 [1686228586164]
Judge has assessed an item in Issue 240 as 2 risk. The relevant finding follows: L-04
Custom redemption can be used to get more than RToken value, when an upwards depeg occurs
Lines of code Vulnerability details Custom redemption allows to redeem RToken in exchange of a mix of previous baskets as long as it's not more than the prorata share of the redeemer. The assumption is that previous baskets aren't worth more than the target value of the basket. However, a previou...
Upgraded Q -> 2 from #48 [1686129354989]
Judge has assessed an item in Issue 48 as 2 risk. The relevant finding follows: CALLING transfer FUNCTION TO SEND ETH CAN REVERT
Withdrawal with gas limit more than 28_750_517 can never be executed with CrossDomainMessenger
Lines of code Vulnerability details Impact Withdrawal with gas limit more than 28750517 can never be executed with CrossDomainMessenger. A user who initiates such a withdrawal will lose his funds and will not be able to execute the withdrawal, because of reaching maximum block gas limit. Proof ...
A new era might be triggered despite a significant value being held in the previous era
Lines of code Vulnerability details When RSR seizure occurs the staking and drafting rate is adjusted accordingly, if any of those rates is above some threshold then a new era begins draft or staking era accordingly, wiping out all of the holdings of the current era. The assumption is that if the...
Upgraded Q -> 2 from #23 [1686021624118]
Judge has assessed an item in Issue 23 as 2 risk. The relevant finding follows: rageQuit cannot transfer ERC1155 fungible tokens
[M-02] Not having Self-Destruct Functions
Lines of code Vulnerability details Impact The contract does not have a self-destruct function, making it impossible to remove the contract from the blockchain once it's deployed. Recommended Mitigation Steps add a self-destruct function with proper access control to allow the contract to be...
onlyEOA modifier can be bypassed and leads to loss of user funds (OpenZeppelin removed isContract function check)
Lines of code Vulnerability details Impact The onlyEOA modifier is extensively used in L1 as well as L2 smart contracts. It is designed to restrict certain operations to Externally Owned Account (EOA). However, a vulnerability exists that may allow a malicious contract to bypass this restriction...
Upgraded Q -> 2 from #17 [1685982856814]
Judge has assessed an item in Issue 17 as 2 risk. The relevant finding follows: Ragequit can be frontrun by distribute call to cause losses to user who is ragequitting
[M-01] Unprotected function in Constructor
Lines of code Vulnerability details Impact Anyone can deploy the contract, potentially with malicious intent. Proof of Concept The constructor is not protected by any access control mechanism. Recommended Mitigation Steps Add access control to the constructor, such as an Ownable pattern, to ensur...
Upgraded Q -> 2 from #9 [1685982867794]
Judge has assessed an item in Issue 9 as 2 risk. The relevant finding follows: Users might lose funds after calling rageQuit by malicious frontrunners.
Loss of user funds due to gas Limit set to zero on L2StandardBridge
Lines of code Vulnerability details Impact User loss of funds in the event a deposit fails. Proof of Concept In L2StandardBridge.finalizeDeposit, there exists an issue related to the gas limit setting. In the event of a failed transfer, it attempts to create a return transaction to refund the use...