Profile Picture: Address Registry should maintain storage between consecutive deploys
Lines of code Vulnerability details H-01 Profile Picture: Address Registry should maintain storage between consecutive deploys This vulnerability is more in the code of Canto Identity Protocol, but it impacts the ProfilePicture Subprotocol. A ProfilePicture NFT with id=pfpId is linked to a CID NF...
Unprotected setVault function can be frontrun to set the attacker controlled vault address
Lines of code Vulnerability details Impact Unprotected setVault function from VaultToken.sol can be frontrun to set the attacker controlled vault address. Once attacker controlled vault address is set as a vault, attacker can mint large amount of tokens for himself and also able to burn other use...
Gas Cost Vulnerability
Lines of code Vulnerability details The fuse function iterates through the provided characterList to check for duplicate characters and validate the trays. If the length of characterList is too high, the gas cost for executing the fuse function will also be high, potentially reaching the block ga...
buy() method of Tray.sol may exceed Block Limit
Lines of code Vulnerability details Impact DOS in buy method. Proof of Concept File: Tray.sol function buyuint256 amount external uint256 startingTrayId = nextTokenId; if prelaunchMinted == typeuint256.max // Still in prelaunch phase if msg.sender != owner revert OnlyOwnerCanMintPreLaunch; if...
set critical parameters like fee recipient in constructor.
Lines of code Vulnerability details Impact Loss of fee at certain condition. This can happen, when user call deposit function immediately contracts are deployed. Or when admin forget to update the feeReceient address. There are lot of address that admin has to set once the contract is deployed. S...
Short positions can be burned while holding collateral
Lines of code Vulnerability details Impact Users can permanently lose a portion of their collateral due to a malicious attacker or their own mistake. Vulnerability Details In the ShortToken contract, adjustPosition is used to handle changes to a short position's short or collateral amounts. The...
The users will receive a wrong liquidity token amount because there is an error in the token price calculation in the LiquidityPool::processDeposits() function
Lines of code Vulnerability details Impact The processDeposits helps to process the users deposits that were queued in the queueDeposit function. The processDeposits function iterates multiple queued deposits and increases the totalFunds storage variable which is used to the accountability of the...
usedFunds is wrong after Liquidity.closeLong, openShort and closeShort
Lines of code Vulnerability details Impact usedFunds is wrong in LiquidityPool, and usedFunds tracks spent quote tokens. usedFunds is an important state in LiquidityPool, so the impact will be high. Proof of Concept Liquidity.closeLong and openShort don't update the state usedFunds correctly. In...
sybil attack vulnerability (via Shitcoin)
Lines of code Vulnerability details Impact Attacker can create worthless shitcoin/NFT to mint PFP and as much as possible. Thereby acquiring outrageous and undeserved amount of PFP. Hence attacker is well positioned for further sybil attack/farming. This is unhealthy to the contract and its...
A POSITION WILL BE FULLY LIQUIDATABLE AS SOON AS IT BECOMES LIQUIDATABLE
Lines of code Vulnerability details Impact A specific position can be liquidated if canLiquidate returns true. However, the function logic of maxLiquidatableDebt is going to make it fully liquidatable even if safetyRatio == 1e18. Proof of Concept Let's assume the following setup: collRatio = 1.5e...
Potential Risk of Accidentally Minting Tokens to Incorrect Accounts
Lines of code Vulnerability details Impact 1. the Intended recipient of the tokens might not receive them, which could lead to a loss of funds or a delay in the intended use of the tokens 2. incorrect account holder could receive the tokens by mistake, leading to a discrepancy in the total token...
KangarooVault.removeCollateral updates storage without actually removing collateral, resulting in lost collateral
Lines of code Vulnerability details The admin can call KangarooVault.addCollateral to add additional collateral to a Power Perp position. File: src/KangarooVault.sol 424: function addCollateraluint256 additionalCollateral external requiresAuth nonReentrant 425: SUSD.safeApproveaddressEXCHANGE,...
[H-3] Any account can mint or burn an unlimited number of vault tokens and drain the Kangaroo Vault.
Lines of code Vulnerability details Impact This is a failure in setting up access control. Anyone could set the vault address to their address and call the mint/burn function to mint and burn vault tokens. The impact is severe since all the funds in Kangaroo vault can be withdrawn by anyone. Proo...
Uneven deduction of performance fee causes some KangarooVault users to lose part of their token value
Lines of code Vulnerability details In KangarooVault.resetTrade, a performanceFee is charged upon closing of all positions, on the premiumCollected. This is inconsistent with getTokenPrice as premiumCollected is factored in the token price computation, while the performanceFee is not. This leads ...
LiquidityPool.executePerpOrders(): dangerous payable function
Lines of code Vulnerability details Impact The contract LiquidityPool uses a dangerous payable function executePerpOrders. In this function, users can send ETH mistakenly. We should check whether msg.value is 0 or not to avoid this issue. Proof of Concept function executePerpOrdersbytes calldata...
Multiple Mint of PFP with same NFTID
Lines of code Vulnerability details Impact Malicious user having only one NFT can mint PFP severally. Hence one user with only one NFT but multiple PFP. This isn't the intended implementation. Proof of Concept Is self-understandable. POC not required Recommended Mitigation Steps storing used NFT'...
totalFunds update is missing in Liquidity.openShort
Lines of code Vulnerability details Impact totalFunds is not updated in Liquidity.openShort so totalFunds will be wrong. Proof of Concept Liquidity.openShort updates usedFunds only and doesn't update totalFunds. totalFunds should be updated after openShort. Tools Used Manual Review Recommended...
LiquidityPool.sol#L657: setFees() could be abused to steal the funds when a huge transaction is happening.
Lines of code Vulnerability details Impact Set fee functions can be set to any arbitrary value when the transaction is happening. There are more possibility that user could lose most of all of their hard earned funds. Proof of Concept Below functions can be called by authorised person to fix the...
The user may lose the remaining tokens once the partial withdraw completed in processWithdraws() function. Unable to access the old withdrawalQueue once the queuedWithdrawalHead incremented
Lines of code Vulnerability details Impact User lose the tokens once partial withdraw completed. Proof of Concept function processWithdrawsuint256 count external override nonReentrant whenNotPaused"POOLPROCESSWITHDRAWS" assertqueuedWithdrawalHead + count - 1 nextQueuedWithdrawalId; for uint256 i ...
Exchange._liquidate function can cause liquidator to burn too much powerPerp tokens
Lines of code Vulnerability details Impact When calling the following Exchange.liquidate function, uint256 totalCollateralReturned = shortCollateral.liquidatepositionId, debtRepaying, msg.sender is executed. function liquidateuint256 positionId, uint256 debtRepaying internal uint256...
KangarooVault.removeCollateral doesn't remove collateral from the EXCHANGE
Lines of code Vulnerability details Impact The owner of the KangarooVault can't receive collateral from EXCHANGE when he wants to remove collateral from the vault. Proof of Concept KangarooVault.removeCollateral doesn't remove collateral from the EXCHANGE. KangarooVault interacts with EXCHANGE, a...
Attacker can artificially inflate the token price and gets more profit
Lines of code Vulnerability details Impact Attacker can cause the artificial inflation in token price and gets more profit Proof of Concept Let's assume the initial values totalFunds = 10000000000 , VAULTTOKEN.totalSupply = 100000000000 , totalQueuedWithdrawals= 1000000 function initiateDepositaddre...
The KangarooVault liquidity providers receive a wrong vault token amount because an error in the processDepositQueue() function
Lines of code Vulnerability details Impact The KangarooVault.sol::processDepositQueue function helps to process the queued deposits. The deposits are queued if the KangarooVault vault doesn't have registered positions. The processDepositQueue function calls the getTokenPrice function to be able t...
Division by zero error causes KangarooVault to be DoS with funds locked inside
Lines of code Vulnerability details KangarooVault can be DoS with funds locked in the contract due to a division by zero error in getTokenPrice as it does not handle the scenario where getTotalSupply is zero. Impact Funds will be locked within the KangarooVault as shown in the PoC below and it is...
Incorrect calculation of usedFunds in LiquidityPool leads to lower than expected token price
Lines of code Vulnerability details In LiquidityPool.sol, the functions openLong, closeLong, openShort and closeShort do not deduct hedgingFees from usedFunds to offset the hedgingFees that was added due to hedge. Impact The missing deduction of hedgingFees will increase the usedFunds in...
Users can receive less collateral than expected from liquidations
Lines of code Vulnerability details Impact Users might receive very little or no collateral when liquidating extremely unhealthy short positions. Vulnerability Details When users liquidate a short position, they expect to get a reasonable amount of collateral in return. The collateral amount sent...
Potential loss of Vault control
Lines of code Vulnerability details Impact If by any means this function is not called first by the creators anyone can be the one to define it forever since there is no verification, after that the attacker will have complete control over the mint and burn functions. Proof of Concept function...
KangarooVault.initiateDeposit, KangarooVault.processDepositQueue, KangarooVault.initiateWithdrawal, and KangarooVault.processWithdrawalQueue functions do not use whenNotPaused modifier
Lines of code Vulnerability details Impact As shown by the code below, although PauseModifier is imported, the KangarooVault contract does not use the whenNotPaused modifier in any of its functions. More specifically, the KangarooVault.initiateDeposit, KangarooVault.processDepositQueue,...
Incorrect use of the && Operator will allow anyone to fuse a new Namespace NFT
Lines of code Vulnerability details Impact Any caller can easily mint NFT if they provide a valid list of characters with the appropriate trays, the problem with this code is in this check if trayOwner != msg.sender && tray.getApprovedtrayID != msg.sender && !tray.isApprovedForAlltrayOwner,...
Namespace.sol fuse() function incorrectly calculates fused bytes
Lines of code Vulnerability details Impact The fuse function in Namespace.sol incorrectly calculates fused bytes. The first parameter to the characterToUnicodeBytes function is font class, which is always set to 0. This leads to an incorrect calculation of the tokenToName value, resulting in a...
Unlimited minting of Canto Bio NFT
Lines of code Vulnerability details Impact There is no max limit on the number of Bio NFT that can be minted by a user. This allows an attacker to mint himself any amount of Bio NFT he want. Proof of Concept function testMint public string memory bio = "TEST BIO"; vm.prankalice; for uint i = 0; i...
Namespace fuse ignores font class attribute from tile data
Lines of code Vulnerability details Impact The fuse function present in the Namespace contract mints a new Namespace NFT based on the given character data that references Tray tiles owned by the caller. For each character, the implementation will use the characterToUnicodeBytes function from the...
Users will be able to purchase fewer NFTs than the project had anticipated
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Users will be able to purchase fewer NFTs than the project had anticipated. The project had expected that users would be able to purchase a range of variations using both text and emoji characters...
SVG script injection in Bio.tokenURI
Lines of code Vulnerability details Impact Bio.tokenURI function returns an encoded SVG that is supposed to be parsed by a browser or another tool. A hacker can inject a malicious script in the SVG element by minting Bio NFT with a bio with a javascript .... Depending on how this SVG element is...
Tray tile characterIndex values (via PRNG) can be manipulated by miners
Lines of code Vulnerability details Impact By manipulating the ordering of transactions in blocks, miners could manipulate the characterIndex values of a Tray's tiles. This could result in miners being able to specifically select characterIndex values that they want for specific Tray tiles, rathe...
Owner is able to mint 1 token more than 1000 prelaunch tokens due to wrong equality check
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Owner is able to mint 1 token more than 1000 prelaunch tokens due to wrong check here Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant...
JSON context breaking in Bio.tokenURI
Lines of code Vulnerability details Impact Bio.tokenURI function returns an encoded JSON which is supposed to be parsed by a browser or another tool. The field description contains unsanitized user input and can be fully controlled by a hacker when they create an NFT via Bio.mintstring calldata...
Need to check with quantity also in _beforeTokenTransfers
Lines of code Vulnerability details Impact In Tray.sol, we can see tokenId checking in beforTokenTransfers. In the current code, it assumes that quantity is 1. But we need to take care with bunch transfer. Proof of Concept function beforeTokenTransfers address, / from/ address to, uint256...
Potential front-running attacks in buy function
Lines of code Vulnerability details Impact The buy function generates new trays and stores them in the tiles mapping based on the value of lastHash. Since the value of lastHash is publicly accessible and can be predicted, an attacker could potentially front-run other users to mint specific trays...
A Smart Contract can repeatedly call mint, increasing gas costs due to storage
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. The functions fuse and mint do not check if the caller is an EOA account. Therefore a smart contract can call fuse over and again Proof of Concept Provide direct links to all referenced code in GitHub...
Bio Protocol - tokenURI JSON injection
Lines of code Vulnerability details Impact The Bio Protocol allows users to mint Bio NFTs that represent user's bio. Once NFT is minted anyone can trigger tokenURI to retrieve JSON data with the bio and generated svg image. Example JSON content decoded from Base64: "name": "Bio 1", "description":...
Disabling self-transfer may cause integration issues with other protocols
Lines of code Vulnerability details Impact Integration errors with other protocols Proof of Concept The changes made for H-01 causes transfers to revert if from == to. This is problematic because this is non-standard ERC20 behavior that can cause integration risk/issues with other protocols. I...
[term-fix] Mitigation Error
Lines of code Vulnerability details Note - The term refactoring has been made for the following reason: Our main KIBT is intended to be backed by 1-year treasury bill tokens, however, a bond issued on 1 Jan 2023 does not have the same amount of seconds compared to a 1-year treasury bill issued on...
Users can lose funds due to stuck NFTs
Lines of code Vulnerability details Impact If msg.sender is a contract could also be smart contract wallet that does not implement the onERC721Received method, in the current implementation of fuse Namespace.sol && mint Bio.sol, the tx will still be successful, and the token will be minted. In th...
The range of iteratePRNG limits the number of Zalgo distortions
Lines of code Vulnerability details Impact Only a tiny fraction of all Zalgo distortions are accessible. Proof of Concept In characterToUnicodeBytes, for font class 7 i.e. Zalgo, the characterModifier determines the Zalgo distortion. The distortion is pseudo-randomly calculated by using...
KangarooVault.sol : anyone can call the processWithdrawalQueue. This would hurt the user when the token price is low
Lines of code Vulnerability details Impact When the price is low, user would get less amount. Proof of Concept processWithdrawalQueue can be called by any one. function processWithdrawalQueueuint256 idCount external nonReentrant for uint256 i = 0; i availableFunds current.returnedAmount =...
characterModifier is uint8 but encodes 1.38e24 different Zalgo distortions.
Lines of code Vulnerability details Impact Only 256 Zalgo distortions are possible, which is a minuscule fraction of the actual combinations possible. Proof of Concept A Zalgo tile is defined by a letter and a modification consisting of a combination of characters above, over and below the letter...
Centralization privileges could cause revenue loss or DDoS
Lines of code Vulnerability details Impact DISCLAIMER: I understand that this was under known issues M-1, and I'm submitting this on another angle which is in case owner is compromised. Namespace and Tray contract allow the owner to execute some privilege actions which give flexibility but at the...
Why does prelaunch checking do only for namespaceNFT case in Tray.burn?
Lines of code Vulnerability details Impact In function Tray.burnid, we can see prelaunchMinted checking. But that part is inside if msg.sender == namespaceNFT. We should take care about it in all cases. Proof of Concept function burnuint256 id external address trayOwner = ownerOfid; if namespaceN...
Mint Bio NFT with mismatched SVG
Lines of code Vulnerability details Impact The tokenURI function of a given NFT contract must represent truth about the given tokenid. The Bio contract allows for minting of NFTs using a bio string. The tokenURI of a minted Bio NFT in turn generates a JSON response. This JSON payload includes the...