Upgraded Q -> 2 from #5 [1685528763875]
Judge has assessed an item in Issue 5 as 2 risk. The relevant finding follows: L-03 Host that owns Party NFTs can circumvent reentrancy guard
Upgraded Q -> 2 from #11 [1685528541946]
Judge has assessed an item in Issue 11 as 2 risk. The relevant finding follows: L-01 DOS: Users can't call accept if others called rageQuit within the same block.
Upgraded Q -> 2 from #26 [1685524804490]
Judge has assessed an item in Issue 26 as 2 risk. The relevant finding follows: L-02 Host can reduce rageQuit window
Users can bypass distributions fees by ragequitting instead of using a formal distribution
Lines of code Vulnerability details Impact Distribution fees can be bypassed by ragequitting instead of distributing Proof of Concept address payable feeRecipient = feeRecipient; uint16 feeBps = feeBps; if (tokenType == ITokenDistributor.TokenType.Native) return distributor.createNativeDistribution...
The distribution logic will be broken after calling rageQuit()
Lines of code Vulnerability details Impact Malicious users might receive more distributed funds than they should with higher distributionShare. Proof of Concept In PartyGovernanceNFT.sol, there is a getDistributionShareOf function to calculate the distribution share of party NFT. function...
Tokens with multiple entry points can lead to loss of funds in rageQuit()
Lines of code Vulnerability details Tokens with multiple entry points can lead to loss of funds in rageQuit ERC20 tokens with multiple entry points (also known as double-entry tokens or two-address tokens) can be used to exploit the rageQuit function and steal funds from the party. Impact The...
Burning an NFT can be used to block voting
Lines of code Vulnerability details Burning an NFT can be used to block voting Impact A new validation in the accept function has been introduced in order to mitigate a potential attack to the party governance. By burning an NFT, a party member can reduce the total voting power of the party just...
Fairness should be denominated in mintedVotingPower rather than totalVotingPower
Lines of code Vulnerability details Impact Rage quitter receives too little. Proof of Concept The rage quitter receives a share votingPowerByTokenId[tokenId] * 1e18 / totalVotingPower of each token balance. However the sum of votingPowerByTokenId[tokenId] over all tokenId, i.e. mintedVotingPower, may b...
Rage quitting availability cannot be reliably guaranteed
Lines of code Vulnerability details Impact The host can block specific rage quits, invalidating some of the security offered by the rage quit functionality. Proof of Concept Rage quitting is only allowed before rageQuitTimestamp or if permanently enabled: // Check if ragequit is allowed. uint40...
Governance NFT can be burned to DoS accept()
Lines of code Vulnerability details Impact accept can be DoS'd by burning governance NFTs. Authorities can effectively veto proposals. Proof of Concept The new lastBurnTimestamp reverts PartyGovernance.accept if lastBurnTimestamp == block.timestamp. lastBurnTimestamp is set in...
Host can bypass reentrancy guard in rageQuit()
Lines of code Vulnerability details Impact Host can bypass reentrancy guard in rageQuit. Proof of Concept In PartyGovernanceNFT.rageQuit there is a reentrancy guard: // Check if ragequit is allowed. uint40 currentRageQuitTimestamp = rageQuitTimestamp; if (currentRageQuitTimestamp !=...
Reentrancy guard in rageQuit() can be bypassed
Lines of code Vulnerability details Reentrancy guard in rageQuit can be bypassed The reentrancy guard present in the rageQuit function can be bypassed by host accounts, leading to reentrancy attack vectors and loss of funds. Impact The new rageQuit function can be used by party members to exit...
Possible overflow in PartyGovernance._isUnanimousVotes()
Lines of code Vulnerability details Impact Proposals can't be executed if totalVotes = 8e24. Furthermore, if emergencyExecuteDisabled == true and rageQuitTimestamp == DISABLE_RAGEQUIT_PERMANENTLY, users can't take out the funds from the party forever. Proof of Concept In _isUnanimousVotes, it...
Users can withdraw more funds if the party has tokens with multiple addresses.
Lines of code Vulnerability details Impact Users can withdraw more funds if the party has tokens with multiple addresses. Proof of Concept Users can burn their party NFTs and take the share of the party's funds. function rageQuit(uint256[] calldata tokenIds, IERC20[] calldata withdrawTokens, address...
Rage quit modifications should be limited to provide stronger guarantees to party members
Lines of code Vulnerability details Rage quit modifications should be limited to provide stronger guarantees to party members Party hosts can arbitrarily change the rage quit settings overriding any existing preset. Impact Rage quit is implemented in the PartyGovernanceNFT contract by using a...
Upgraded Q -> 2 from #11 [1685422294441]
Judge has assessed an item in Issue 11 as 2 risk. The relevant finding follows: L-03: getReward It is recommended to add balance0 before executing transfer. getReward will do a transfer on rewardsToken. Since the rewards are from Convex, we can't be sure what kind of token it is. We can't be sure...
Rage quitter loses his claimable share of distributed tokens
Lines of code Vulnerability details Impact Rage quitter loses his claimable share of distributed tokens. Proof of Concept PartyGovernanceNFT.rageQuit burns a governance NFT and transfers its share of the balance of ETH and tokens: // Burn caller's party card. This will revert if caller is not the...
CrossDomainMessenger relayMessage Vulnerability
Lines of code Vulnerability details Impact The vulnerability allows an attacker to manipulate the sender address (the sender parameter) when relaying a message from Layer 2 (L2) to Layer 1 (L1) in a cross-domain scenario. The issue arises due to the use of the L2CrossDomainMessenger contract address...
accept() can be delayed or gas-griefed by burning a governance NFT
Lines of code Vulnerability details Impact Rage quitting or burning a token will set the lastBurnTimestamp to the current block's timestamp. This disables accept for the rest of the transactions in the block. This bug can be abused to either gas-grief or delay acceptance of proposals long enough...
Host can instantly set rageQuitTimestamp and prevent members from rage quitting
Lines of code Vulnerability details Impact A malicious Host can front-run rage-quitting members and setRageQuitTimestamp to a time in the past and disable rageQuit. Proof of Concept Ragequit serves as a protective measure for members of a Party to do an emergency withdrawal of their assets in cas...
Upgraded Q -> 2 from #19 [1685157301242]
Judge has assessed an item in Issue 19 as 2 risk. The relevant finding follows: 1. The first staker of the wxETH can get all the unlocked rewards immediately in the same block. code lines: For the first staker of the wxETH, the totalSupply of the wxETH is 0. So he can wrap the xETH to wxETH as 1:...
Risk assessment of the finalizeETHWithdrawal function in the bridge contract
Lines of code Vulnerability details Summary The finalizeBridgeETH function: function finalizeETHWithdrawal(address from, address to, uint256 amount, bytes calldata extraData) external payable { finalizeBridgeETH(from, to, amount, extraData); } is a public function, which means that anyone can call it...
deployAndExecute() function in Factory should be payable
Lines of code Vulnerability details deployAndExecute function in Factory should be payable The deployAndExecute function fails to consider ETH payments that may need to be forwarded to the wallet's execute function. Impact The deployAndExecute function present in the AmbireAccountFactory can be...
Recovery transaction can be replayed after a cancellation
Lines of code Vulnerability details Recovery transaction can be replayed after a cancellation The recovery transaction can be replayed after a cancellation of the recovery procedure, reinstating the recovery mechanism. Impact The Ambire wallet provides a recovery mechanism in which a privilege ca...
Fallback handlers can trick users into calling functions of the AmbireAccount contract
Lines of code Vulnerability details Fallback handlers can trick users into calling functions of the AmbireAccount contract Selector clashing can be used to trick users into calling base functions of the wallet. Impact Fallback handlers provide extensibility to the Ambire wallet. The main idea her...
Requirement for having timelocks on recovery transactions is not enforceable
Lines of code Vulnerability details Impact When calling the following AmbireAccount.execute function with sigMode being SIGMODE_RECOVER, a recovery transaction can be scheduled if require(privileges[signerKeyToRecover] == recoveryInfoHash, 'RECOVERY_NOT_AUTHORIZED') and require(isIn,...
Current design won't allow to update reference implementation without breaking counterfactuality
Lines of code Vulnerability details Current design won't allow to update reference implementation without breaking counterfactuality The current design of the Ambire wallet doesn't allow to update the reference implementation as doing so will break counterfactuality. Impact Ambire wallets are...
AmbireAccount implementation can be destroyed by privileges
Lines of code Vulnerability details AmbireAccount implementation can be destroyed by privileges The AmbireAccount implementation can be destroyed, resulting in the bricking of all associated wallets. Impact The AmbireAccount contract has a constructor that sets up privileges, these are essentially...
AmbireAccount.isValidSignature() does not cover recovery signatures
Lines of code Vulnerability details Impact A recovery key can sign for a recovery but cannot get isValidSignature to return that it is valid. Proof of Concept AmbireAccount.isValidSignature is implemented as follows function isValidSignature(bytes32 hash, bytes calldata signature) external view...
It is possible that recovery transaction cannot be performed even if signer still controls address that is an address of recoveryInfo.keys
Lines of code Vulnerability details Impact When a signer's privileged address is compromised, this signer can call the following AmbireAccount.execute function with sigMode being SIGMODE_RECOVER by using a signature signed by an address of recoveryInfo.keys that is still controlled by such signer ...
Project may fail to be deployed to chains not compatible with Shanghai hardfork
Lines of code Vulnerability details Project may fail to be deployed to chains not compatible with Shanghai hardfork Current settings may produce incompatible bytecode with some of the chains supported by the protocol. Impact The Ambire wallet supports and targets different chains, such as Ethereu...
SignatureValidator.recoverAddrImpl for mode Multisig checks only the last value is different to zero address
Lines of code Vulnerability details Description The current implementation, when mode == SignatureMode.Multisig, only checks that the last computed signer is different from the zero address. The variable signer is overwritten with a new value, based on the previous value and the current signature...
Attacker can force the failure of transactions that use tryCatch
Lines of code Vulnerability details Attacker can force the failure of transactions that use tryCatch An attacker or malicious relayer can force the failure of transactions that rely on tryCatch by carefully choosing the gas limit. Impact The tryCatch function present in the AmbireAccount contract...
TEST M
Lines of code Vulnerability details TEST Assessed type call/delegatecall
execute() replay RECOVER after cancel
Lines of code Vulnerability details Impact Maliciously replay a recover transaction that has been cancelled and execute it Proof of Concept The user can cancel the transactions already in scheduledRecoveries by using SIGMODE_CANCEL. The code is as follows: function execute(Transaction[] calldata txns...
new finding
Lines of code L2 Vulnerability details test Assessed type Decimal
H-100 Unmitigated
Lines of code L1 Vulnerability details test Assessed type call/delegatecall
test with new label
Lines of code L1 Vulnerability details test Assessed type CanAuto
Upgraded Q -> 2 from #964 [1684819958119]
Judge has assessed an item in Issue 964 as 2 risk. The relevant finding follows: L1
Upgraded Q -> 2 from #928 [1684820150232]
Judge has assessed an item in Issue 928 as 2 risk. The relevant finding follows: L4
Invalid
Lines of code Vulnerability details Assessed type Other
Upgraded Q -> 2 from #42 [1684786437801]
Judge has assessed an item in Issue 42 as 2 risk. The relevant finding follows: While the "division before multiplication" issues described in M-01 have been mitigated in the proposed changeset, there are other cases which should be addressed too. Technical Details In SafEth::stake the calculatio...
No deadline for swaps
Lines of code Vulnerability details Impact No deadline for swaps allows transactions to be executed later, unfavourably or maliciously. Proof of Concept When tokens are to be swapped rather than minted, slippage is controlled in uniswapV3SwapCallback by minimumAmountReceived which is calculated...
contract might not function due to lack of funds
Lines of code Vulnerability details Impact When the contract receives a Uniswap pool callback, it performs some checks before it proceeds to call weth.deposit with a msg.value equal to amountToSend, to wrap ETH and transfer it to the pool; however, the contract is not guarantee...
WETH transfer may fail silently in 'uniswapV3SwapCallback' function and execution may stop without any reverts or notification.
Lines of code Vulnerability details Impact WETH transfer may fail silently in 'uniswapV3SwapCallback' function and execution may stop without any reverts or notification. Proof of Concept In the 'uniswapV3SwapCallback' function there is no check whether the WETH transfer has failed. If the...
Missing "if (beneficiaryTokenCount < _minReturnedTokens) revert INADEQUATE_TOKEN_COUNT();" check in the _mint() function of the JBXBuybackDelegate.sol + DoS for the pay() function in the JBPayoutRedemptionPaymentTerminal3_1.sol (or the JBETHPaymentTerminal3_1.sol)
Lines of code Vulnerability details Impact The issue contains 2 parts: 1. The _mint function has the "if (beneficiaryTokenCount < _minReturnedTokens) revert INADEQUATE_TOKEN_COUNT();" check missing. This check is used to identify whether the beneficiaryTokenCount amount is greater than or equal to the...
JBXBuybackDelegate.didPay() allows for positive slippage theft
Lines of code Vulnerability details Impact The JBXBuybackDelegate.didPay calls swap which utilizes the Uniswap's swap function. JBXBuybackDelegate incorporates a negative slippage check in uniswapV3SwapCallback. However, it fails to consider the deadline parameter of the transaction. The deadline...
JBXBuybackDelegate swap pathway always reverts unless slippage is set to 100%
Lines of code Vulnerability details Impact The swap pathway will never work and it will revert due to a validation error unless the user specifies a slippage of 100%. This would be extremely harmful as it would let users be targeted by MEV bots. Proof of Concept This is the pathway to payParams:...
If the controller for _data.projectId is not defined, it can lead to incorrect execution of _swap() and theft of funds by the beneficiary.
Lines of code Vulnerability details Impact If the controller is not defined in the _swap function, then it becomes impossible to mint and burn tokens, which leads to incorrect execution of the function. IJBController controller = IJBController(jbxTerminal.directory().controllerOf(_data.projectId)); Proof...
TEST Med 2
Lines of code L1 Vulnerability details test medium Assessed type Access Control