10190 matches found
Offchain name resolution would fail despite the located DNS resolver being fully functional
Lines of code Vulnerability details Description In OffchainDNSResolver, resolveCallback parses resource records received off-chain and extracts the DNS resolver address: // Look for a valid ENS-DNS TXT record address dnsresolver, bytes memory context = parseRR iter.data, iter.rdataOffset,...
Offchain resolver can be subject to man in the middle attacks
Lines of code Vulnerability details Description Calls to the offchain resolver are produced by the code below: function resolve bytes calldata name, bytes calldata data external view returns bytes memory string memory urls = new string; urls0 = gatewayURL; revert OffchainLookup addressthis, urls,...
Insecure Ownership Management in DNSSECImpl.sol
Lines of code Vulnerability details Impact This finding highlights a potential security risk related to the lack of safeguards when changing ownership in the DNSSECImpl.sol contract. As it stands, the current implementation allows for the owner to be set to address0, which could result in the los...
If a label for a domain gets locked once, the domain will never be able to be claimed in DNSRegistrar.sol, since there's no method to unlock a label
Lines of code Vulnerability details Proof of Concept When claiming a domain in DNSRegistrar.sol either through proveAndClaim or proveAndClaimWithResolver, the internal function enableNode will be called. The snippet below shows that when owner == address0 or owner == previousRegistrar and...
SHA1 Hashing Algorithm vulnerable to Length Extension Attack
Lines of code Vulnerability details Impact The implementation of the SHA1 hashing algorithm in the code has a significant impact as it is vulnerable to the length extension attack. This attack enables us to create a new hash for an extended message without altering the existing hash, even though ...
DNS wire format AND DNS label-sequence format ARE USED INTERCHANGEABLY TO REPRESENT DOMAIN NAMES DURING RRSet VALIDATION
Lines of code Vulnerability details Impact @param name The name to claim, in DNS wire format. above format is used in DNSRegistrar.proveAndClaim and DNSRegistrar.proveAndClaimWithResolver functions @param name The name of the RRSIG record, in DNS label-sequence format. above format is used in...
Claiming of domains will likely be locked due to a bad check in _enableNode
Lines of code Vulnerability details Description DNS name claims all go through claim which calls enableNode, which calls enableNode. Nodes are enabled recursively, from the root downwards. The following check occurs in enableNode: node = keccak256abi.encodePackedparentNode, label; address owner =...
Malicious users can exploit NameEncoder vulnerability to forge arbitrary names
Lines of code Vulnerability details Impact A malicious user can spoof NameEncoder.dnsEncodeName by forging a name to impersonate any other name, which can lead to faulty contract logic or even theft of someone else's name. Proof of Concept The function NameEncoder.dnsEncodeName is used to convert...
Vulnerability in Keccak Function Used for Equality Check in equals() Function.
Lines of code Vulnerability details Impact The BytesUtils library is using Keccak function to check for equality in the equals function. This is a security concern since the Keccak function is vulnerable to hash collisions, which could allow a malicious user to create an input that matches a...
Having RRSetWithSignature has absolute power
Lines of code Vulnerability details Impact Assuming that RRSetWithSignature is issued for Alice, Alice executes the proveAndClaim function and becomes the owner of DNS. She then transfers it to Bob. When Alice executes the proveAndClaim function again, she becomes the owner of DNS once more, and...
Improper Implementation of Interface
Lines of code Vulnerability details Impact The improper implementation of interfaces can cause unexpected behavior in the contract and lead to an unwanted state of the contract. This can potentially affect several functions. Description The DNSSECImpl contract contains two internal functions,...
BytesUtils.substring accepts out of bound offset input
Lines of code Vulnerability details Impact The BytesUtils.substring function accepts out of bound offset value and returns a valid response without reverting. function substring bytes memory self, uint256 offset, uint256 len internal pure returns bytes memory requireoffset + len = self.length;...
High Gas Costs Due to Unnecessary String Iteration in HexUtils Library's hexStringToBytes32() Function.
Lines of code Vulnerability details Impact The hexStringToBytes32 function in the HexUtils library iterates over the entire input string, even though only a portion of it is needed to compute the output, but still, this can lead to unnecessarily high gas costs, especially for large input strings...
Inception can be set into the future due to unsafe cast in RRUtils.serialNumberGte()
Lines of code Vulnerability details Proof of Concept RRUtils.serialNumberGte will use an unsafe signed cast which allows inceptions to be set to values bigger than int32 without any revert taking place. The function will cast i1 and i2 from uint32 to int32 in an unchecked block, and then it will...
BytesUtils.keccak does not revert when offset is out of bounds
Lines of code Vulnerability details Impact The BytesUtils.keccak function accepts out of bound offset value and returns a valid response without reverting. function keccak bytes memory self, uint256 offset, uint256 len internal pure returns bytes32 ret requireoffset + len = self.length; assembly...
The resolver address is redeclared in the "proveAndClaimWithResolver" function, which may cause a potential vulnerability.
Lines of code Vulnerability details Impact The vulnerability may allow an attacker to use a different address and potentially exploit the system for their own gain Proof of Concept address public immutable resolver; The proveAndClaimWithResolver function redeclares the resolver variable even thou...
DNSRegistrar does not support domain trees which is key functionality for DNS
Lines of code Vulnerability details Description In DNS it is exceedingly common to have paths such as a.b.c or a.b.c.d. However, the DNSRegistrar fails to support it. enableNode verifies the parent domain is a valid public suffix. function enableNodebytes memory domain public returns bytes32 node...
OffchainDNSResolver Contract Missing onlyOwner Modifier in Constructor Can Lead to DNS Hijacking Attacks
Lines of code Vulnerability details Impact The OffchainDNSResolver contract has a security vulnerability where it doesn't have a safeguard called the onlyOwner modifier in its constructor, this means that anyone can deploy the contract. This could allow a bad actor to create a version of the...
Missing important check in getOwnerAddress() function in DNSClaimChecker.sol
Lines of code Vulnerability details Impact getOwnerAddress function used in DNSClaimChecker.sol is missing important check on the type and class of the records. Also this getOwnerAddress function is used in DNSRegistrar.sol claim function to claim a name using the given proofs. Since there are chec...
TEST FINDING
Lines of code Vulnerability details ISSUE FOR TESTING PURPOSES Assessed type Uniswap
SHA-1 chosen prefix collision
Lines of code Vulnerability details Impact An attacker can claim DNS names signed with SHA-1 algorithms 5 and 7 which he does not own. Proof of Concept SHA-1 has been broken for chosen prefix collision. This means that an attacker can have his parent domain, if it signs with SHA-1, sign an RRset...
TEST FINDING
Lines of code Vulnerability details ISSUE FOR TESTING PURPOSES Assessed type Upgradable
Incorrect implementation of RRUtils.serialNumberGte
Lines of code Vulnerability details Impact Comparing serial numbers should follow RFC1982 due to the possibility of numbers wrapping around. RRUtils.serialNumberGte tried to follow the RFC but failed to do so, leading to incorrect results in comparison. Proof of Concept For a serial number i1 to ...
Arithmetic Overflow in hexStringToBytes32 Function
Lines of code Vulnerability details Impact The vulnerability in the hexStringToBytes32 function can lead to an arithmetic overflow if the length of the hex-encoded string is odd, the loop that reads the hex-encoded string has a condition that checks for the last index, but the index is incremente...
Fully qualified domain names are incorrectly resolved
Lines of code Vulnerability details Impact A relative domain name like foo.eth becomes fully qualified if it ends with a dot, e.g. foo.eth., although this might seem unfamiliar to some, it's the standard and part of the DNS specification, see Fully qualified domain name, Trailing Dots in Domain...
Upgraded Q -> 2 from #763 [1682682097179]
Judge has assessed an item in Issue 763 as 2 risk. The relevant finding follows: In line 87 there's a check for a pause setting. If staking is currently paused, the operation will fail. Similar to the edge case described above, line 88 verifies that msg.value != 0. The division in the weighted...
HexUtils.hexStringToBytes32 does not exclude the last index in str
Lines of code Vulnerability details Impact The HexUtils.hexStringToBytes32 intends to exclude the lastIdx index in the input str. See the @param comment for lastIdx parameter: / @dev Attempts to parse bytes32 from a hex string @param str The string to parse @param idx The offset to start parsing ...
Incorrect implementation of RecordParser.readKeyValue()
Lines of code Vulnerability details Impact RecordParser.readKeyValue returns a wrong value if the terminator not found. This is a fundamental library and any contract using it may experience unexpected errors and problems due to this bug. Proof of Concept The implementation logic of...
Anyone can call enableNode and set a node resolver
Lines of code Vulnerability details Impact The lack of access control allows anyone to call the enableNode function and set the ENS resolver to the resolver set in DNSRegistrar if it has not been set before, or it belongs to the previous registrar set on the contract. This results in any unset no...
Upgraded Q -> 2 from #463 [1682585731493]
Judge has assessed an item in Issue 463 as 2 risk. The relevant finding follows: L-08 Swapping in Reth.sol may be sub-optimal The Reth pool uses the Weth/Reth 0.05% fee pool to swap between weth and reth. I recommend using the balancer pool to swap instead as it has 80M liquidity compared to...
Upgraded Q -> 2 from #706 [1682589361421]
Judge has assessed an item in Issue 706 as 2 risk. The relevant finding follows: 02 USERS CANNOT SET OWN SLIPPAGE WHEN STAKING AND UNSTAKING Only the owner of the SafEth contract can call the following SafEth.setMaxSlippage function to set maxSlippage that is used in the corresponding derivative...
Unvalidated External Library Usage in RSASHA256Algorithm
Lines of code Vulnerability details Impact A hacker could exploit this vulnerability to inject malicious code into the contract, potentially allowing them to steal user funds or take control of the contract. Proof of Concept To demonstrate the attack vector, let's deploy a malicious version of the...
Upgraded Q -> 3 from #883 [1682591277339]
Judge has assessed an item in Issue 883 as 3 risk. The relevant finding follows: As such, if deposit or withdraw reverts for any derivative, stake and unstake will fail. This could cause stake and unstake to permanently revert for a prolonged period of time, as it is possible for deposit and...
Upgraded Q -> 2 from #883 [1682591284215]
Judge has assessed an item in Issue 883 as 2 risk. The relevant finding follows: This could cause stake and unstake to permanently revert for a prolonged period of time, as it is possible for deposit and withdraw to revert due to unchecked external conditions: Reth The rocket pool DAO can disabl...
Potential SHA256 Digest Vulnerability in Solidity Contract
Lines of code Vulnerability details Impact This vulnerability enables the hacker to pass malicious data to the "verify" function, which in turn uses the said data as input for the sha256 function, this can lead to unexpected or incorrect output, potentially resulting in unauthorized access to...
SHA1Digest Contract Vulnerability
Lines of code Vulnerability details Impact The vulnerability is related to the use of the SHA1 hashing algorithm in the SHA1Digest contract. SHA1 is an outdated cryptographic hash function that has been deprecated by most security experts due to its weaknesses and susceptibility to collision...
Upgraded Q -> 2 from #623 [1682589089611]
Judge has assessed an item in Issue 623 as 2 risk. The relevant finding follows: L‑05 Stuck dust in SafEth contract for division When stake in the contract SafEth some WEIs could be stuck in the contract because the equation uint256 ethAmount = msg.value weight / totalWeight;, in example: ethAmou...
A malicious user can impersonate an official address by registering a prefix of it as a name.
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. A malicious user can impersonate an official address by registering a prefix of it as a name. This is possible because parseAndResolve will first parse an address-style name as address first, and when i...
verifySignatureWithKey - RRSIG RR's Signer's Name is never checked if it matches owner name
Lines of code Vulnerability details Impact According to RFC 4035 and as mentioned in the comments in function "verifySignatureWithKey" , the Signer's name should also be checked if it matches the owner name. If the Signer's Name field of an RRSIG record does not match the owner name of a DNSKEY...
Incorrect shift in assembly
Lines of code Vulnerability details Impact Shift operators shlx, y, shrx, y, sarx, y in Solidity assembly apply the shift operation of x bits on y and not the other way around, which may be confusing. Check if the values in a shift operation are reversed. Proof of Concept File:...
A DNS owner can sell the domain and then regain it back using a signature while he was still the owner of the domain
Lines of code Vulnerability details Impact The buying user would have spent money buying the DNS domain to the previous owner and still not have the DNS domain under their ownership. Proof of Concept A malicious user can: Build a proof for their ownership of a dns domain setting their address in...
proveAndClaim and proveAndClaimWithResolver can be front-run to claim the same name by a malicious user
Lines of code Vulnerability details Impact In the DNSRegistrar contract, the proveAndClaim and proveAndClaimWithResolver functions are used to claim a name. And this name is not encrypted. This can create a race condition because once this name is claimed, it cannot be claimed by other users. In...
The domain owner can transfer ownership of their domain to another individual and ownership of the domain can be returned
Lines of code Vulnerability details Impact The domain owner can transfer ownership of their domain by utilizing the setOwner function within the ENSRegistry.sol contract. In doing so, the original domain owner forfeits complete ownership of the domain. But, the original owner can regain ownership...
From integer Overflow to DoS attack that leads to financial losses in ModexpPrecompile.modexp function and RSAVerify library.
Lines of code Vulnerability details Impact This vulnerability to cause unexpected behavior or even a denial-of-service attack on a contract that uses the RSAVerify library on . The vulnerable code is at: Integer overflow in modexp function in ModexpPrecompile does not perform any input validation...
Timestamp manipulation affects DNSSEC records on contracts/dnssec-oracle/DNSSECImpl.sol
Lines of code Vulnerability details Impact timestamp parameter to validate DNSSEC records. The timestamp parameter is passed as an argument to the verifyRRSIG function, which is responsible for verifying that the DNSSEC record is valid at a specific point in time. If the timestamp parameter can b...
Upgraded Q -> 2 from #830 [1682357430454]
Judge has assessed an item in Issue 830 as 2 risk. The relevant finding follows: unstake in safETH would be blocked if any derivative gets blocked during withdraw The system essentially comes to a halt if any of stETH/frxETH/rETH stops their withdrawal. function unstakeuint256 safEthAmount extern...
Test manage-findings update with new cors
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Tools Used Recommended Mitigation Steps --- The...
Test for emails sent from api - and manage findings
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Tools Used Recommended Mitigation Steps --- The...
Test for submit findings in api
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. dfdsf Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. efsdfsf Tools Used Recommended Mitigation...
TEST REGULAR FINDING DURING BOT RACE WINDOW
Lines of code L1 Vulnerability details TEST