Measuring the withdrawal delay in block production time won't work properly on chains where the production time is not 12 seconds
Lines of code Vulnerability details Proof of Concept For withdrawals other than beaconChainETH, the variables withdrawalDelayBlocks and MAX_WITHDRAWAL_DELAY_BLOCKS will be used to enforce a delay for withdrawals in StrategyManager.sol. Currently MAX_WITHDRAWAL_DELAY_BLOCKS is set to 50400. uint256 publ...
Staker can avoid ETH slash by front run slashQueuedWithdrawal() with completeQueuedWithdrawal()
Lines of code Vulnerability details Impact Malicious staker can avoid the service's slash on its restaked ETH shares. Proof of Concept This issue is similar to Staker can avoid ETH slash by front run slashShares with verifyOvercommittedStake, but with a different logic. When a service/middleware...
Skipping indices of malicious strategies does not work
Lines of code Vulnerability details Impact In src/contracts/core/StrategyManager.solL536 parameter indicesToSkip per documentation: """exists so that, e.g., if the slashed QueuedWithdrawal contains a malicious strategy in the strategies array which always reverts on calls to its 'withdraw'...
Upgraded Q -> 3 from #316 [1683219136420]
Judge has assessed an item in Issue 316 as 3 risk. The relevant finding follows: L-04 USE THE OPENZEPPELIN SAFECAST LIBRARY FOR CRITICAL FUNCTIONS 2
freezeOperator will not be able to freeze an operator
Lines of code Vulnerability details Impact freezeOperator will not be able to freeze an operator address in blockchain reorg situation Proof of Concept canSlash function is relying on block.number as it should be lower than contractCanSlashOperatorUntilBlock. that will work fine until a reorg on...
Upgraded Q -> 3 from #13 [1683219131959]
Judge has assessed an item in Issue 13 as 3 risk. The relevant finding follows: L-6 Consider using OpenZeppelin’s SafeCast library to prevent unexpected errors 3
High gas consumption vulnerability due to high merkle tree heights
Lines of code Vulnerability details Impact The issue stems from the utilization of tall trees in numerous merkle trees within the BeaconChainProofs library. This could lead to considerable gas consumption during the creation and verification of such trees. The consequence of this vulnerability is...
Overflow Excessive claims could overwhelm storage _userWithdrawals mapping
Lines of code Vulnerability details Impact By submitting an excessive number of claims through a compromised user, an attacker could theoretically overwhelm the storage used for mapping users to their delayed withdrawals. If critical data is overwritten, the contract would be rendered unusable...
Function triggering
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. The redeemPayment function does not check if the payment token being transferred to the delegation terms contract is approved by the sender. This can allow an attacker to call this function and transfer...
Slashing can be frontrun
Lines of code Vulnerability details Proof of Concept When attempting to withdraw funds, the user calls queueWithdrawal first. queueWithdrawal checks that the caller is not frozen, then marks the withdrawal as pending. function queueWithdrawal uint256 calldata strategyIndexes, IStrategy calldata...
Vulnerability in Pause Function
Lines of code Vulnerability details Impact An attacker can exploit this vulnerability by setting any value as the new paused status code, which can allow the attacker to circumvent the pausing restrictions and carry out unauthorized actions on the contract. This can lead to significant consequenc...
Upgraded Q -> 3 from #549 [1683219263333]
Judge has assessed an item in Issue 549 as 3 risk. The relevant finding follows: L-02 Unsafe casting of uints Downcasting from uint256 in Solidity does not revert on overflow. This can easily result in undesired exploitation or bugs, since developers usually assume that overflows raise errors...
Users can queue a withdrawal and potentially withdraw completely if PAUSED_EIGENPODS_VERIFY_OVERCOMMITTED = false
Lines of code Vulnerability details Impact Users can queue a withdrawal and potentially withdraw completely if PAUSED_EIGENPODS_VERIFY_OVERCOMMITTED = false Proof of Concept We need to look at two functions. The first one is function verifyOvercommittedStake uint40 validatorIndex,...
[M-1] Potential DoS attack due to unchecked array lengths in loop
Lines of code Vulnerability details M-1 Potential DoS attack due to unchecked array lengths in loop Impact If strategies and shares have different lengths and the code uses them in a loop without checking their lengths, it could potentially cause an out-of-bounds error, which could lead to a...
anyone can call initialize() functions which can cause loss of funds and contract ownership
Lines of code Vulnerability details Impact Most of the smart contracts have an initialize function that anyone can call as initialize function visibility is either external or public. This could lead to a race condition when the contract is deployed. At that moment a hacker or attacker could call...
deposit will cause errors if totalShares is 1e9-1 or less
Lines of code Vulnerability details Impact user funds will be stuck Proof of Concept User will not be able to withdraw for tokens that are less than 1e9-1 like usdt This is a warning in the code WARNING: In order to mitigate against inflation/donation attacks in the context of ERC4626, this...
Upgraded Q -> 2 from #225 [1683100933057]
Judge has assessed an item in Issue 225 as 2 risk. The relevant finding follows: uint256 exponent = baseToken == address(0) ? 18 - 4 : ERC20(baseToken).decimals() - 4; will revert since ERC20(baseToken).decimals() - 4; causes an underflow
Upgraded Q -> 2 from #200 [1683080702977]
Judge has assessed an item in Issue 200 as 2 risk. The relevant finding follows: L-03 KangarooVaultminDepositAmount should be a fairly high number to prevent 0 deposits or dust deposits that may affect the deposit/withdrawal process
Upgraded Q -> 3 from #407 [1683102761347]
Judge has assessed an item in Issue 407 as 3 risk. The relevant finding follows: L01 Unsafe downcasting On PrivatePool.solL230-L231 there are two unsafe downcasts from uint256 to uint128; virtualBaseTokenReserves += uint128(netInputAmount - feeAmount - protocolFeeAmount); virtualNftReserves -=...
Upgraded Q -> 2 from #898 [1683143849953]
Judge has assessed an item in Issue 898 as 2 risk. The relevant finding follows: Royalty receiver will not get correct royalty as saleprice is not calculated properly uint256 salePrice = outputAmount / sells[i].tokenIds.length; Here the salesprice for an nft is calculated by using the above formula...
Updating a submission - testing if I can add a submission by team that was originally an issue for a single warden.
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Tools Used Recommended Mitigation Steps testings...
Upgraded Q -> 2 from #882 [1683052816154]
Judge has assessed an item in Issue 882 as 2 risk. The relevant finding follows: If royaltyFee 0 and recipient == address(0) users will be overcharged
Upgraded Q -> 3 from #222 [1683017474019]
Judge has assessed an item in Issue 222 as 3 risk. The relevant finding follows: L-02 Downcasting uint or int may result in overflow Consider using OpenZeppelin's SafeCast library to prevent unexpected overflows. Instances: 2 File: src/PrivatePool.sol 231: virtualNftReserves -= uint128(weightSum);...
Upgraded Q -> 3 from #284 [1683017290576]
Judge has assessed an item in Issue 284 as 3 risk. The relevant finding follows: NFT tokens sent to the EthRouter contract by mistake can be drained by pool contracts. When someone calls sell, deposit or change functions on EthRouter contract, the contract gives the particular pool full approval...
Upgraded Q -> 2 from #878 [1683053128185]
Judge has assessed an item in Issue 878 as 2 risk. The relevant finding follows: L-3 Potential loss of funds when paying royalties
Upgraded Q -> 2 from #240 [1683052133668]
Judge has assessed an item in Issue 240 as 2 risk. The relevant finding follows: LOW‑11 tokenURI does not follow EIP-721 The EIP states that tokenURI "Throws if tokenId is not a valid NFT", which the code below does not do. If the NFT has not yet been minted, tokenURI should revert Proof Of Conce...
Upgraded Q -> 2 from #878 [1683053139232]
Judge has assessed an item in Issue 878 as 2 risk. The relevant finding follows: L-8 Zero amount ERC20 token transfers may fail some implementations
Upgraded Q -> 2 from #680 [1683016840166]
Judge has assessed an item in Issue 680 as 2 risk. The relevant finding follows: A. Fee structure is inconsistent for buys/changes. In buy and sell function protocolFee is based on a percentage of the input/output amount but in change the fee is based on the pool fee not the input amount. It shou...
Upgraded Q -> 2 from #882 [1683052810426]
Judge has assessed an item in Issue 882 as 2 risk. The relevant finding follows: Attacker can front-run create to steal tokens sent to predetermined address
Testing Issue Type
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Tools Used Recommended Mitigation Steps testing...
Upgraded Q -> 2 from #882 [1683052832814]
Judge has assessed an item in Issue 882 as 2 risk. The relevant finding follows: In changeFeeQuote if changeFee == 0 protocolFeeAmount becomes 0
Upgraded Q -> 2 from #680 [1683016846473]
Judge has assessed an item in Issue 680 as 2 risk. The relevant finding follows: D. FlashFee is a flat amount, meaning the cost to flash loan an NFT at floor price is the same as one worth 5x the floor price. FlashFee should instead be based on the weight of the NFT being flashloaned, with more...
Upgraded Q -> 2 from #245 [1683017351880]
Judge has assessed an item in Issue 245 as 2 risk. The relevant finding follows: L-05 PrivatePoolMetadata.tokenURI is not compliant with EIP721 It implements PrivatePoolMetadata.tokenURI , a function overriding ERC721's tokenURI. This function returns the metadata URI of the provided token ID The...
Upgraded Q -> 2 from #740 [1683013961460]
Judge has assessed an item in Issue 740 as 2 risk. The relevant finding follows: Royalty receiver can reject, unsupported, or be blacklisted to receive royalty fee token and can result in the whole transaction be reverted.
Upgraded Q -> 2 from #854 [1683053416481]
Judge has assessed an item in Issue 854 as 2 risk. The relevant finding follows: L-07 Malicious collection owner could steal all base tokens by updating royalty during calls 1
Upgraded Q -> 2 from #854 [1683053410661]
Judge has assessed an item in Issue 854 as 2 risk. The relevant finding follows: L-01 Reorg attack possibility in pool factory 1
Upgraded Q -> 2 from #882 [1683052827510]
Judge has assessed an item in Issue 882 as 2 risk. The relevant finding follows: changeFeeQuote reverts for tokens with decimals less than 4
Upgraded Q -> 2 from #882 [1683052821779]
Judge has assessed an item in Issue 882 as 2 risk. The relevant finding follows: In function buy and sell if one royalty recipient reverts whole transaction will fail
Upgraded Q -> 2 from #543 [1683017069535]
Judge has assessed an item in Issue 543 as 2 risk. The relevant finding follows: changeFeeQuote assumes all base tokens will be of decimals of at 4 decimals. However this would lead to issues whereby baseToken is of 2 decimal place.
Upgraded Q -> 2 from #215 [1683053585771]
Judge has assessed an item in Issue 215 as 2 risk. The relevant finding follows: QA10 Both EthRouterbuy and EthRoutersell do not check whether recipient == address(0), as a result, they might send royalty fees to the zero address - loss of funds.
Upgraded Q -> 2 from #198 [1683053533286]
Judge has assessed an item in Issue 198 as 2 risk. The relevant finding follows: L2 - Royalty payment is unfair
Upgraded Q -> 3 from #878 [1683053134023]
Judge has assessed an item in Issue 878 as 3 risk. The relevant finding follows: L-7 Potential overflow while updating reserves values in PrivatePool contract
Upgraded Q -> 2 from #878 [1683053122687]
Judge has assessed an item in Issue 878 as 2 risk. The relevant finding follows: L-2 Royalties are paid assuming all NFTs in the batch are equally priced
Upgraded Q -> 2 from #198 [1683053528122]
Judge has assessed an item in Issue 198 as 2 risk. The relevant finding follows: L1 - The pool takes more royalty fee than it spends
HexUtils.hexStringToBytes32 successfully processes data with invalid input indexes
Lines of code Vulnerability details Impact The HexUtils.hexStringToBytes32 never validates the idx and lastIdx input index values. function hexStringToBytes32 bytes memory str, uint256 idx, uint256 lastIdx internal pure returns bytes32 r, bool valid valid = true; assembly // check that the index ...
Trust anchors cannot be updated
Lines of code Vulnerability details Impact It will not be possible to claim names, because ENS will not be able to verify DNSSEC records after a root key rollover. Proof of Concept The DNSSEC root key signing keys act as trust anchors for the entire system. If they are invalid DNSSEC records...
Unbounded Loop in DNS Name Encoder Library
Lines of code Vulnerability details Impact The unchecked keyword disables overflow and underflow checks for arithmetic operations, which can cause unexpected behavior if the loop is not properly bounded. In this specific case, the loop is not properly bounded, which can cause the loop to run...
length OF THE BYTES ARRAY IS NOT CHECKED BEFORE SUBSTRING IS EXTRACTED FROM IT, WHICH COULD LEAD TO SUBSTRING OF bytes(0)
Lines of code Vulnerability details Impact In RRUtils.readDNSKEY function, if the length == 4 then the self.publicKey will be an empty bytes array. No check is performed to validate the length variable. This will return the public key of the DNSKEY as an empty bytes array. Check should be perform...
Invalid addresses will be accepted as resolvers, possibly bricking assets
Lines of code Vulnerability details Description The hexToAddress utility parses a string into an address type. function hexToAddress bytes memory str, uint256 idx, uint256 lastIdx internal pure returns address, bool if lastIdx - idx 40 return address0x0, false; bytes32 r, bool valid =...
HexUtils.hexStringToBytes32() and HexUtils.hexToAddress() may return incorrect results
Lines of code Vulnerability details Impact The HexUtils.hexStringToBytes32 and HexUtils.hexToAddress may return incorrect results if the input data provided is not in a standard format. This could cause the contract to behave abnormally in some scenarios or be exploited for malicious purposes...