Losses are double counted if there currently locked profits

Lines of code Vulnerability details Impact Losses are double counted and vault participants lose funds Proof of Concept if roi 0 vars.gain = uint256roi; vars.fees = chargeFeesvars.stratAddr, vars.gain; strategy.gains += vars.gain; ... // Profit is locked and gradually released per block // NOTE:...

Use of strict condition can be manipulated

Lines of code Vulnerability details Impact The use of strict condition can be manipulated by attackers, which can lead to unforeseen consequences. Use = and = instead. Proof of Concept Tools Used Manual review Recommended Mitigation Steps Use loose condition instead like = and = instead. --- The...

closeTrove never nulls trove.stake

Lines of code Vulnerability details // Auditor's note: not 100% sure if this is intentional, but I have reason to believe it's a mistake. Description When a trove gets liquidated, its stake gets set to 0 through removeStake, called eg here. However, when a trove gets closed gratiously through...

No Contract Compiled Yet, missing "contract RegistryUtils{...}" in in file packages/contracts/src/framework/utils/RegistryUtils.sol

Lines of code Vulnerability details Impact packages/contracts/src/framework/utils/RegistryUtils.sol file is missing "contract", here there is one function function isSubdomainValid and it will not compile. isSubdomainValid is called in several places,...

Lack of logic to mint OATH within the CommunityIssuance#issueOath(), which results in that entire OATH insurance mechanism will not work properly

Lines of code Vulnerability details Impact OATH will be never minted issued when the the CommunityIssuanceissueOath would be called. As a result, OATH will be never provided to the market. This results in that the treasury will be never able to buy the OATH from the market. This lead to a bad...

Callback tokens can cause re-entrancy

Lines of code Vulnerability details Description There are many places in the code where token transfers are in the middle of a function more specifically, both after and before state changes. It is very important not to pass control to untrusted code in these calls, as they could potentially...

A Malicious Borrower can drain ActivePool

Lines of code Vulnerability details Impact Any Borrower can take any amount of collateral and the pool gets drained, in this case, the system's TCR will go way down the CCR. putting the whole system at risk of a dangerous recovery mode and may even cause a total crash to the system. Proof of...

Using _freefunds() to calculate share price lead to shares miscalculations and could benefit treasury

Lines of code Vulnerability details Impact Function freeFunds calculates the amount of free funds available after profit locking and it's used to for calculating share price, issuing shares during deposit, or burning shares during withdrawal. Value returned by freeFunds is time-dependant, because...

implementation of the isValidSignature() function in the DAO.sol is invalid

Lines of code Vulnerability details Impact Failure to validate the returned response from the isValidSignature function can cause that invalid signatures to be assumed to be valid. Proof of Concept Currently, externally owned accounts EOAs can sign messages with their associated private keys, but...

Upgraded Q -> 2 from #11 [1678055765655]

Judge has assessed an item in Issue 11 as 2 risk. The relevant finding follows: Low-01 SwingTraderManager.totalProfit may be updated incorrectly Impact In SwingTraderManager.sellMalt, when amountSold + dustThreshold = maxAmount, the function will return directly and will not update totalProfit,...

Upgraded Q -> 2 from #3 [1678055596601]

Judge has assessed an item in Issue 3 as 2 risk. The relevant finding follows: L-01 The removeContract function is not properly implemented Impact The contracts array of MaltRepository contract would be messed up, devs and users would not be able to obtain correct contract string names by the...

Upgraded Q -> 2 from #633 [1677880427560]

Judge has assessed an item in Issue 633 as 2 risk. The relevant finding follows: Vault contract implementation does not disable initializers The Vault.sol contract should implement disableInitializers in its constructure to prevent implementation contracts from being initialized. As this contract...

Upgraded Q -> 2 from #19 [1677669261110]

Judge has assessed an item in Issue 19 as 2 risk. The relevant finding follows: KFC-03L: Inexistent Duplicate Entry Prevention Affected Lines: L175-L180 The KUMAFeeCollector::changePayees function does not adequately sanitize the new payees, permitting duplicate entries to exist which will cause...

Upgraded Q -> 2 from #18 [1677668571999]

Judge has assessed an item in Issue 18 as 2 risk. The relevant finding follows: L-01 changePayees can result in broken share count Description for uint256 i; i newPayees.length; i++ if newPayeesi == address0 revert Errors.CANNOTSETTOADDRESSZERO; if newSharesi == 0 revert Errors.SHARECANNOTBEZERO;...

Upgraded Q -> 2 from #19 [1677669238372]

Judge has assessed an item in Issue 19 as 2 risk. The relevant finding follows: KUMABondToken.sol KBT-01L: Potential Approval Blacklist Bypass Affected Lines: L148 The KUMABondToken::approve function will apply a blacklist check on the to as well as msg.sender contextual arguments of the call,...

Upgraded Q -> 2 from #92 [1677633054022]

Judge has assessed an item in Issue 92 as 2 risk. The relevant finding follows: L-09 ERC4626 does not work with fee-on-transfer tokens Description The ERC4626 deposit/mint functions do not work well with fee-on-transfer tokens as the assets variable is the pre-fee amount, including the fee, where...

Upgraded Q -> 2 from #664 [1677633674294]

Judge has assessed an item in Issue 664 as 2 risk. The relevant finding follows: 2- Vault fees can be set greater than 1e18 in the initialize function : The Vaut contract implements 4 types of fees deposit, withdrawal, management, performance collected when the user deposits or withdraw tokens,...

Upgraded Q -> 2 from #625 [1677633526031]

Judge has assessed an item in Issue 625 as 2 risk. The relevant finding follows: 4. lastHarvest variable inside AdapterBase will never be updated after a successful harvest,this will create big problems related to all the harvest function inside AdapterBase by making this function unusable,in fac...

Upgraded Q -> 2 from #356 [1677633435546]

Judge has assessed an item in Issue 356 as 2 risk. The relevant finding follows: L-01 ERC4626 does not work with fee-on-transfer tokens in project Impact ERC20 token contract can be deposited with the deposit function. With the following part of the code, the ERC20 transfer from msg.sender to the...

Upgraded Q -> 2 from #795 [1677634099280]

Judge has assessed an item in Issue 795 as 2 risk. The relevant finding follows: 04 VALUES OF fees ARE NOT CHECKED IN Vault.initialize FUNCTION When calling the following Vault.initialize function, the values of fees are not checked. It is possible that these fees are set to be above 1e18 when...

Upgraded Q -> 2 from #752 [1677633810856]

Judge has assessed an item in Issue 752 as 2 risk. The relevant finding follows: Possibility of MultiRewardEscrow.claimReward to be vulnerable to a reentrancy attack There are a bunch of external calls before setting accruedRewardsuserrewardTokensito zero. Malicious actors can add some exploits o...

Upgraded Q -> 2 from #56 [1677632875022]

Judge has assessed an item in Issue 56 as 2 risk. The relevant finding follows: 2. Attribute values of fees could exceed 1e18 when initializing even if the proposedFees is checked in proposeFees function. function initialize IERC20 asset, IERC4626 adapter, VaultFees calldata fees, address...

Upgraded Q -> 2 from #7 [1677668529704]

Judge has assessed an item in Issue 7 as 2 risk. The relevant finding follows: L-01 changePayees Suggest adding to check whether newPayees are duplicated to avoid totalShares error function changePayeesaddress calldata newPayees, uint256 calldata newShares external override onlyManager ... for...

Upgraded Q -> 2 from #795 [1677634051278]

Judge has assessed an item in Issue 795 as 2 risk. The relevant finding follows: 01 FEE-ON-TRANSFER TOKENS ARE NOT SUPPORTED This protocol currently does not support fee-on-transfer tokens. For example, for a fee-on-transfer token, calling the following Vault.deposit function with the assets inpu...

Upgraded Q -> 2 from #523 [1677626174331]

Judge has assessed an item in Issue 523 as 2 risk. The relevant finding follows: Title Add function for feeRecipient change in MultiRewardEscrow.sol contract Links to affected code Vulnerability details Impact If account feeRecipient would be compromised, or the protocol owner wants from some oth...

Upgraded Q -> 2 from #823 [1677594201547]

Judge has assessed an item in Issue 823 as 2 risk. The relevant finding follows: L-01 Low level call result not correctly checked The last adminProxy.execute is not checked for success. function deployAdapter DeploymentArgs memory adapterData, bytes memory baseAdapterData, IDeploymentController...

Upgraded Q -> 3 from #460 [1677510923458]

Judge has assessed an item in Issue 460 as 3 risk. The relevant finding follows: Lines of code Vulnerability details Impact The safeTransferFrom function on the ClearingHouse is normally used when an OpenSea auction successfully ends and the required ERC20/WETH have been transferred to the...

Upgraded Q -> 2 from #596 [1677228840417]

Judge has assessed an item in Issue 596 as 2 risk. The relevant finding follows: withdraw and redeem function withdraw IERC4626 vault, address to, uint256 amount, uint256 maxSharesOut public payable virtual override returns uint256 sharesOut ERC20addressvault.safeApproveaddressvault, amount; if...

Upgraded Q -> 2 from #415 [1677231136540]

Judge has assessed an item in Issue 415 as 2 risk. The relevant finding follows: 2 - The PrivateVault deposit can be executed even when the vault was paused. There is not restriction for deposit in the Private vault. Recommendation Add a whenNotPaused modifier for the deposit function. --- The te...

Upgraded Q -> 2 from #298 [1677237168746]

Judge has assessed an item in Issue 298 as 2 risk. The relevant finding follows: 01 MALICIOUS USER, WHO OWNS SPLITTABLE FUNDS, CAN CALL DripsHub.setSplits FUNCTION TO FRONTRUN OTHER USER'S DripsHub.split FUNCTION CALL, WHICH CAN BREAK AGREEMENT BETWEEN THESE USERS Based on the current...

changeRewardSpeed function at the MultiRewardStaking contract is incorrectly implemented and can leave the staking of a token on a denial of service state (copy)

Lines of code Vulnerability details Impact The changeRewardSpeed function from the MultiRewardStaking.sol contract lacks documentation on how exactly it should work. By its name and some comments above it, I infer that the function must change the rate of tokens rewards per unit of time. For...

Upgraded Q -> 3 from #268 [1677186221526]

Judge has assessed an item in Issue 268 as 3 risk. The relevant finding follows: code423n4 commented on Jan 17 Lines of code Vulnerability details Impact As there is no callback in Seaport 1.1. When listing on OpenSea, Astaria adds an additional item to be received along with payment token. It is...

Upgraded Q -> 3 from #148 [1677186744098]

Judge has assessed an item in Issue 148 as 3 risk. The relevant finding follows: Lines of code Vulnerability details Impact Detailed description of the impact of this finding. buyoutLien in LienToken.sol failes to update the new PublicVault's slope, yIntercept, and s.epochData....liensOpenForEpoc...

KUMASwap.buyBond() is vulnerable to being used for reentry attacks

Lines of code Vulnerability details Impact KUMASwap.buyBond could be exploited for some kind of reentry attack now or in the future Proof of Concept KUMASwap.buyBond may trigger a callback to the sender's contract before the following statements being executed: updateMinCoupon;...

Doubling of KIBToken balances

Lines of code Vulnerability details Impact The KIBToken.transfer function overrides the ERC20Upgradeable.transfer function and adds custom logic. The modified function looks like this: function transferaddress from, address to, uint256 amount internal override // ... uint256 startingFromBalance =...

KIBToken: Unexpected reverts of _calculateCumulativeYield & _calculatePreviousEpochCumulativeYield

Lines of code Vulnerability details Impact In KIBToken the calculateCumulativeYield & calculatePreviousEpochCumulativeYield functions intend to calculate the yields using the formula yield.rayPowtime.rayMulcumulativeYield. function calculateCumulativeYield private view returns uint256 uint256...

KUMASwap.buyBond() is vulnerable to being used for reentry attacks

Lines of code Vulnerability details Impact KUMASwap.buyBond could be exploited for some kind of reentry attack now or in the future Proof of Concept KUMASwap.buyBond may trigger a callback to the sender's contract before the following statements being executed: updateMinCoupon;...

KUMABondToken.approve() should revert if the owner of the tokenId is blacklisted

Lines of code Vulnerability details Impact It is still possible for a blacklisted user's bond token to be approved. Proof of Concept KUMABondToken.approve only checks if msg.sender and to are not blacklisted. It doesn't check if the owner of the tokenId is not blacklisted. For example, the...

KUMASwap.buyBond :- Clone token + KUMABondToken transfer for a single KUMABondToken id.

Lines of code Vulnerability details Impact The KUMASwap.buyBond mints KBCTokens clone token for every KUMABondToken whose bondFaceValue is greater than realizedBondValue. If bondFaceValue is not greater than realizedBondValue a simple KUMABondToken transfer is done to the caller. function...

Multiple KBCTokens can be minted fir single KUMABondToken id.

Lines of code Vulnerability details Impact The KUMASwap.buyBond mints KBCTokens clone token for every KUMABondToken whose bondFaceValue is greater than realizedBondValue. function buyBonduint256 tokenId external override whenNotPaused whenNotDeprecated IKUMAAddressProvider KUMAAddressProvider =...

KUMAFeeCollector - duplicate payee can be added

Lines of code Vulnerability details Impact In KUMAFeeCollector contract, the addPayee validates that an already present payee cannot be added again to the payees set. function addPayeeaddress payee, uint256 share external override onlyManager if payees.containspayee revert...

Price feed in MCAGRateFeed#getRate is not sufficiently validated and can return stale price

Lines of code Vulnerability details Impact MCAGRateFeedgetRate may return stale data Proof of Concept , int256 answer,,, = oracle.latestRoundData; Classic C4 issue. getRate only uses answer but never checks the freshness of the data, which can lead to stale bond pricing data. Stale pricing data c...

KUMASwap incorrectly reverts when when _maxCoupons has been reached

Lines of code Vulnerability details Impact Selling bonds with coupons that are already accounted will fail unexpectedly Proof of Concept if coupons.length == maxCoupons revert Errors.MAXCOUPONSREACHED; The above lines will cause ALL bonds sales to revert when coupons.length has reached maxCoupons...

KUMAFeeCollector.changePayees() executes incorrectly when newPayees contains duplicate items

Lines of code Vulnerability details Impact When calling KUMAFeeCollector.changePayees with duplicate payees in newPayees, the call is not reverted and the result state will be incorrect. Proof of Concept Contract KUMAFeeCollector does not support duplicate payees. The transaction will revert when...

Upgraded Q -> 3 from #71 [1676966386580]

Judge has assessed an item in Issue 71 as 3 risk. The relevant finding follows: L-04 onlyMinter modifier is not working as expected Description onlyMinter can be bypasssed by anyone due to an invalid check: modifier onlyMinter msg.sender == minterAddress; ; Thus, everyone can mint tokens: functio...

KIBToken._transfer() did not correctly handle the case where from is the same as to

Lines of code Vulnerability details Impact Hackers can obtain any number of KIB tokens out of thin air. Using the stolen KIB tokens, the hacker could steal all the bonds in the KUMASwap by calling KUMASwap.buyBond, or steal all the deprecationStableCoin in the KUMASwap by calling...

Inexistent Slippage Protection

Lines of code Vulnerability details Impact All bond evaluations are dynamic within the KUMASwap::sellBond and KUMASwap::buyBond functions, however, they operate with token IDs as input arguments and do not perform any sanitization on the amount of KIB tokens minted or burned respectively. In turn...

The latest malt price can be less than the actual price target and StabilizerNode.stabilize will revert

Lines of code Vulnerability details Impact StabilizerNode.stabilize will revert when latestSample priceTarget and msgSender is not an admin and not whitelisted, it asserts livePrice minThreshold. And minThreshold is calculated as follows: uint256 priceTarget = maltDataLab.getActualPriceTarget;...

Average APRs might be calculated wrongly after calling populateFromPreviousThrottle().

Lines of code Vulnerability details Impact Average APRs might be calculated wrongly after calling populateFromPreviousThrottle and targetAPR might be changed unexpectedly. Proof of Concept The epoch state struct contains cumulativeCashflowApr element and cashflowAverageApr is used to adjust...

latestSample can be manipulation to make stabilize() calls always fail

Lines of code Vulnerability details Impact In function stabilize, in case exchangeRate priceTarget, which means price of Malt is larger than $1 so it has to sell Malt to return to $1. However, team don't want to sell Malt when the market is too volatile price changing too fast, so they added some...