Users can receive less collateral than expected from liquidations

Lines of code Vulnerability details Impact Users might receive very little or no collateral when liquidating extremely unhealthy short positions. Vulnerability Details When users liquidate a short position, they expect to get a reasonable amount of collateral in return. The collateral amount sent...

KangarooVault.initiateDeposit, KangarooVault.processDepositQueue, KangarooVault.initiateWithdrawal, and KangarooVault.processWithdrawalQueue functions do not use whenNotPaused modifier

Lines of code Vulnerability details Impact As shown by the code below, although PauseModifier is imported, the KangarooVault contract does not use the whenNotPaused modifier in any of its functions. More specifically, the KangarooVault.initiateDeposit, KangarooVault.processDepositQueue,...

LiquidityPool.executePerpOrders(): dangerous payable function

Lines of code Vulnerability details Impact The contract LiquidityPool use a dangerous payable function executePerpOrders In this function, users can send ETH mistakenly. We should check the msg.value is 0 or not to void this issue. Proof of Concept function executePerpOrdersbytes calldata...

Tray Owner Will Not be Able to Burn any Tray

Lines of code Vulnerability details Impact 1. There are two issues here, the check namespaceNFT != msg.sender && trayOwner != msg.sender && getApprovedid != msg.sender && !isApprovedForAlltrayOwner, msg.sender will only revert CallerNotAllowedToBurn if all of the conditions are true which is very...

The user may lose the remaining tokens once the partial withdraw completed in processWithdraws() function. Unable to access the old withdrawalQueue once the queuedWithdrawalHead incremented

Lines of code Vulnerability details Impact User lose the tokens once partial withdraw completed. Proof of Concept function processWithdrawsuint256 count external override nonReentrant whenNotPaused"POOLPROCESSWITHDRAWS" assertqueuedWithdrawalHead + count - 1 nextQueuedWithdrawalId; for uint256 i ...

KangarooVault.removeCollateral updates storage without actually removing collateral, resulting in lost collateral

Lines of code Vulnerability details The admin can call KangarooVault.addCollateral to add additional collateral to a Power Perp position. File: src/KangarooVault.sol 424: function addCollateraluint256 additionalCollateral external requiresAuth nonReentrant 425: SUSD.safeApproveaddressEXCHANGE,...

Disabling self-transfer may cause integration issues with other protocols

Lines of code Vulnerability details Impact Integration errors with other protocols Proof of Concept The changes made for H-01 causes transfers to revert if from == to. This is problematic because this is non-standard ERC20 behavior that can cause integration risk/issues with other protocols. I...

Potential lose of Vault control

Lines of code Vulnerability details Impact If by any means this function is not called first by the creators anyone can be the one to define it forever since there is no verification, after that the attacker will have complete control over the mint and burn functions. Proof of Concept function...

Missing totalFunds update in LiquidityPool's OpenShort(), causing LiquidityPool token holder to lose a portion of their token value

Lines of code Vulnerability details The function openShort in LiquidityPool.sol is missing an update to totalFunds, to increase LiquidityPool funds by the collected net fees. Impact As a result of the missing increment to totalFunds, the availableFunds in the LiquidityPool will be lower. This wil...

JSON context breaking in Bio.tokenURI

Lines of code Vulnerability details Impact Bio.tokenURI function returns an encoded JSON which is supposed to be parsed by a browser or another tool. The field description contains unsanitized user input and can be fully controlled by a hacker when they create an NFT via Bio.mintstring calldata...

SVG script injection in Bio.tokenURI

Lines of code Vulnerability details Impact Bio.tokenURI function returns an encoded SVG that is supposed to be parsed by a browser or another tool. A hacker can inject a malicious script in the SVG element by minting Bio NFT with a bio with a javascript .... Depending on how this SVG element is...

Lack of token approval reverts the overall trade

Lines of code Vulnerability details Impact Since the user has not approved the params.collateralAmount, calling the safeTransferFrom function will result in a revert due to the lack of token approval. The Exchange contract not receive any collateralAmount. Proof of Concept...

Namespace.sol fuse() function incorrectly calculates fused bytes

Lines of code Vulnerability details Impact The fuse function in Namespace.sol incorrectly calculates fused bytes. The first parameter to the characterToUnicodeBytes function is font class, which is always set to 0. This leads to an incorrect calculation of the tokenToName value, resulting in a...

sybil attack vulnerability (via Shitcoin)

Lines of code Vulnerability details Impact Attacker can create worthless shitcoin/NFT to mint PFP and as much as possible. Thereby acquiring outrageous and undeserved amount of PFP . Hence attacker is well positioned for further sybil attack/ farming. This is unhealthy to the contract and its...

A POSITION WILL BE FULLY LIQUIDATABLE AS SOON AS IT BECOMES LIQUIDATABLE

Lines of code Vulnerability details Impact A specific position can be liquidated if canLiquidate returns true. However, the function logic of maxLiquidatableDebt is going to make it fully liquidatable even if safetyRatio == 1e18. Proof of Concept Let's assume the following setup: collRatio = 1.5e...

Multiple Mint of PFP with same NFTID

Lines of code Vulnerability details Impact Malicious user having only one NFT can mint PFP severally. Hence one user with only one NFT but multiple PFP. This isn't the intended implementation. Proof of Concept Is self-understandable. POC not required Recommended Mitigation Steps storing used NFT'...

Registering non-emoji domains doesn't work

Lines of code Vulnerability details Impact When registering a name containing a non-emoji tile, all the tiles are mapped to emoji tiles before registering a name, so the registered name is invalid. This ruins the protocol, the users can't use it to register the desired names unless they are purel...

The KangarooVault liquidity providers receive a wrong vault token amount because an error in the processDepositQueue() function

Lines of code Vulnerability details Impact The KangarooVault.sol::processDepositQueue function helps to process the queued deposits. The deposits are queued if the KangarooVault vault doesn't have registered positions. The processDepositQueue function calls the getTokenPrice function to be able t...

Implementation error in Namespace.fuse() leads to a wrong unicode representation

Lines of code Vulnerability details Impact The font class of a tile will be always considered as 0 emoji when a user registers a name. Proof of Concept To register a name, fuse is used taking as input the data of the characters. The name to register is a string created by converting the character...

Namespace: Fusing will only result in namespaces containing font class 0, irrelevant of fused tiles

Lines of code Vulnerability details H-02 Namespace: Fusing will only result in namespaces containing font class 0, irrelevant of fused tiles After minting trays, a user can fuse tiles from multiple trays into a namespace. A tray tile specifies a character font class, the character's index and the...

Exchange._liquidate function can cause liquidator to burn too much powerPerp tokens

Lines of code Vulnerability details Impact When calling the following Exchange.liquidate function, uint256 totalCollateralReturned = shortCollateral.liquidatepositionId, debtRepaying, msg.sender is executed. function liquidateuint256 positionId, uint256 debtRepaying internal uint256...

Namespace fuse ignores font class attribute from tile data

Lines of code Vulnerability details Impact The fuse function present in the Namespace contract mints a new Namespace NFT based on the given character data that references Tray tiles owned by the caller. For each character, the implementation will use the characterToUnicodeBytes function from the...

The range of iteratePRNG limits the number of Zalgo distortions

Lines of code Vulnerability details Impact Only a tiny fraction of all Zalgo distortions are accessible. Proof of Concept In characterToUnicodeBytes, for font class 7 i.e. Zalgo, the characterModifier determines the Zalgo distortion. The distortion is pseudo-randomly calculated by using...

set critical parameters like fee recipient in constrctor.

Lines of code Vulnerability details Impact Loss of fee at certain condition. This can happen, when user call deposit function immediately contracts are deployed. Or when admin forget to update the feeReceient address. There are lot of address that admin has to set once the contract is deployed. S...

IRRETRIEABLE COLLATERAL FOLLOWING A COMPLETE SHORT TRADE CLOSE

Lines of code Vulnerability details Impact This may have been prevented in the UI, but users opting for external integrations might unintentionally input zero or inadequate amount of params.collateralAmount and end up having the collateral stuck in ShortCollateral.sol forever after completing a...

Owner is able to mint 1 token more than 1000 prelaunch tokens due to wrong equality check

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Owner is able to mint 1 token more than 1000 prelaunch tokens due to wrong check here Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant...

Short positions can be burned while holding collateral

Lines of code Vulnerability details Impact Users can permanently lose a portion of their collateral due to a malicious attacker or their own mistake. Vulnerability Details In the ShortToken contract, adjustPosition is used to handle changes to a short position's short or collateral amounts. The...

Bio Protocol - Cross-Site Scripting via tokenURI SVG image

Lines of code Vulnerability details Impact It is possible to inject bio that is a valid javascript code into generated on-chain SVG image. Attacker might pass following payload as bio: alert1234 which will result in generation of SVG image with the code: text font-family: sans-serif; font-size:...

KangarooVault.sol : anyone can call the processWithdrawalQueue. This would hurt the user when the token price is low

Lines of code Vulnerability details Impact When the price is low, user would get less amount. Proof of Concept processWithdrawalQueue can be called by any one. function processWithdrawalQueueuint256 idCount external nonReentrant for uint256 i = 0; i availableFunds current.returnedAmount =...

Division by zero error causes KangarooVault to be DoS with funds locked inside

Lines of code Vulnerability details KangarooVault can be DoS with funds locked in the contract due to a division by zero error in getTokenPrice as it does not handle the scenario where getTotalSupply is zero. Impact Funds will be locked within the KangarooVault as shown in the PoC below and it is...

Incorrect use of the && Operator will allow anyone to fuse a new Namespace NFT

Lines of code Vulnerability details Impact Any caller can easily mint NFT if they provide a valid list of characters with the appropriate trays, the problem with this code is in this check if trayOwner != msg.sender && tray.getApprovedtrayID != msg.sender && !tray.isApprovedForAlltrayOwner,...

Profile Picture: Address Registry should maintain storage between consecutive deploys

Lines of code Vulnerability details H-01 Profile Picture: Address Registry should maintain storage between consecutive deploys This vulnerability is more in the code of Canto Identity Protocol, but it impacts the ProfilePicture Subprotocol. A ProfilePicture NFT with id=pfpId is linked to a CID NF...

Users will be able to purchase fewer NFTs than the project had anticipated

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Users will be able to purchase fewer NFTs than the project had anticipated. The project had expected that users would be able to purchase a range of variations using both text and emoji characters...

Gas Cost Vulnerability

Lines of code Vulnerability details The fuse function iterates through the provided characterList to check for duplicate characters and validate the trays. If the length of characterList is too high, the gas cost for executing the fuse function will also be high, potentially reaching the block ga...

usedFunds is wrong after Liquidity.closeLong, openShort and closeShort

Lines of code Vulnerability details Impact usedFunds is wrong in LiquidityPool, and usedFunds tracks spent quote tokens. usedFunds is an important state in LiquidityPool, so the impact will be high. Proof of Concept Liquidity.closeLong and openShort don't update the state usedFunds correctly. In...

Need to check with quantity also in _beforeTokenTransfers

Lines of code Vulnerability details Impact In Tray.sol, we can see tokenId checking in beforTokenTransfers. In the current code, it assumes that quantity is 1. But we need to take care with bunch transfer. Proof of Concept function beforeTokenTransfers address, / from/ address to, uint256...

Tray tile characterIndex values (via PRNG) can be manipulated by miners

Lines of code Vulnerability details Impact By manipulating the ordering of transactions in blocks, miners could manipulate the characterIndex values of a Tray's tiles. This could result in miners being able to specifically select characterIndex values that they want for specific Tray tiles, rathe...

buy() method of Tray.sol may exceed Block Limit

Lines of code Vulnerability details Impact DOS in buy method. Proof of Concept File: Tray.sol function buyuint256 amount external uint256 startingTrayId = nextTokenId; if prelaunchMinted == typeuint256.max // Still in prelaunch phase if msg.sender != owner revert OnlyOwnerCanMintPreLaunch; if...

Potential front-running attacks in buy function

Lines of code Vulnerability details Impact The buy function generates new trays and stores them in the tiles mapping based on the value of lastHash. Since the value of lastHash is publicly accessible and can be predicted, an attacker could potentially front-run other users to mint specific trays...

Hard coding ChainID is error prone

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. Proof of Concept Provide direct links to all referenced code in GitHub. Add screenshots, logs, or any other relevant proof that illustrates the concept. Tools Used Recommended Mitigation Steps --- The...

Exchange.sol#L87 : openTrade is returning incorrect totalCost value which has accounting issue when open or closing the trade.

Lines of code Vulnerability details Impact It returns the incorrect value. Any operation done based on this function,either at front end of at contract level , could end with incorrect output. Proof of Concept User can interact with Exchangle.sol to trade. He/she will call the openTrade. openTrad...

Unlimited minting of Canto Bio NFT

Lines of code Vulnerability details Impact There is no max limit on the number of Bio NFT that can be minted by a user. This allows an attacker to mint himself any amount of Bio NFT he want. Proof of Concept function testMint public string memory bio = "TEST BIO"; vm.prankalice; for uint i = 0; i...

The users will receive a wrong liquidity token amount because there is an error in the token price calculation in the LiquidityPool::processDeposits() function

Lines of code Vulnerability details Impact The processDeposits helps to process the users deposits that were queued in the queueDeposit function. The processDeposits function iterates multiple queued deposits and increases the totalFunds storage variable which is used to the accountability of the...

Users can lose funds due to stuck NFT's

Lines of code Vulnerability details Impact If msg.sender is a contract could also be smart contract wallet that does not implement the onERC721Received method, in the current implementation of fuse Namespace.sol && mint Bio.sol, the tx will still be successful, and the token will be minted. In th...

Incorrect calculation of usedFunds in LiquidityPool leads to lower than expected token price

Lines of code Vulnerability details In LiquidityPool.sol, the functions openLong, closeLong, openShort and closeShort do not deduct hedgingFees from usedFunds to offset the hedgingFees that was added due to hedge. Impact The missing deduction of hedgingFees will increase the usedFunds in...

If the underlying NFT is burned, getPFP may returns incorrect results

Lines of code Vulnerability details Impact ProfilePicture.getPFP will return information about the underlying NFT and when addressRegistry.getAddresscidNFTID ! = ERC721nftContract.ownerOfnftID, it will return 0. But if the underlying NFT is burned, getPFP may return incorrect information function...

ProfilePicture subprotocol is immutably linked by subprotocolName to the CID protocol

Lines of code Vulnerability details Impact Besides having to re-register the protocol, it will also have to be redeployed. Proof of Concept A protocol is registered by name in the SubprotocolRegistry. Quoting the Canto Identity Protocol contest details: "In theory, someone can front-run a call to...

A Smart Contract can repeatedly call mint, increasing gas costs due to storage

Lines of code Vulnerability details Impact Detailed description of the impact of this finding. The functions fuse and mint do not check if the caller is an EOA account. Therefore a smart contract can call fuse over and again Proof of Concept Provide direct links to all referenced code in GitHub...

characterModifier is uint8 but encodes 1.38e24 different Zalgo distortions.

Lines of code Vulnerability details Impact Only 256 Zalgo distortions are possible, which is a miniscule fraction of the actual combinations possible. Proof of Concept A Zalgo tile is defined by a letter and a modification consisting of a combination of characters above, over and below the letter...

Mint Bio NFT with mismatched SVG

Lines of code Vulnerability details Impact The tokenURI function of a given NFT contract must represent truth about the given tokenid. The Bio contract allows for minting of NFTs using a bio string. The tokenURI of a minted Bio NFT in turn generates a JSON response. This JSON payload includes the...