AdapterBase.accruedPerformanceFee does not work with tokens with low decimals

Lines of code Vulnerability details The performance fees are only accrued when shareValue highWaterMark. 529: function accruedPerformanceFee public view returns uint256 530: uint256 highWaterMark = highWaterMark; 531: uint256 shareValue = convertToAssets1e18; //@audit M: this does not work for...

MultiStakingReward.sol assumes all RewardTokens are in 18 decimal places

Lines of code Vulnerability details Impact Calculation of accrued rewards will be affected. Proof of Concept The function accrueRewards is called anytime rewards needs to be accrued. The variable supplyTokens is the total supply of the reward token. deltaIndex is calculated by taking the accrued ...

Risk of reentrancy attacks in the claimRewards function

Lines of code Vulnerability details Impact The claimRewards function in the MultiRewardStaking contract is used by users to claim token rewards, but because the function does not contain a nonReentrant modifier and does not implement the CEI standard check-effect-interact it can be subject to...

ABI mismatch when calling initialize function

Lines of code Vulnerability details Impact This is the initialize function of contract Vault. It has 5 parameters. function initialize IERC20 asset, IERC4626 adapter, VaultFees calldata fees, address feeRecipient, address owner external initializer But when calling this function in VaultControlle...

Overflow tokens

Lines of code Vulnerability details Impact If admin will add more than 255 tokens in rewardToken, there would'nt any way to withdraw tokens or claim rewards Proof of Concept for example: all users deposit their money.After some time admin's add more tokensa, length of array with Token grow's to...

MultiRewardStaking.addRewardToken can eventually break the contract

Lines of code Vulnerability details When adding a reward token, the token address is added to rewardTokens. 263: rewardTokens.pushrewardToken; If rewardTokens is large enough, accrueRewards will revert with an out-of-gas error, as it loops through rewardsToken 373: for uint8 i; i 0...

First depositor for the Vault can be front-run and have part of their deposit stolen

Lines of code Vulnerability details Description The first deposit with a totalSupply of zero shares will mint shares equal to the deposited amount. File: src/vault/Vault.sol 298: supply == 0 299: ? assets 300: : assets.mulDivsupply, totalAssets, Math.Rounding.Down; Link to Code File:...

FIRST ERC4626 DEPOSIT CAN BE EXPLOITED ON SHARE CALCULATION

Lines of code Vulnerability details Impact As also encountered by Uniswap V2 and other protocols, the first depositor of an ERC4626 vault can maliciously manipulate the share price by depositing as low as 1 wei of liquidity prior to deliberately inflating ERC4626.totalAssets to as high as 1:1e18...

claimRewards is not re-entrancy safe.

Lines of code Vulnerability details Impact In MultiRewardStaking the function claimRewards doesn’t have nonReentrant which makes it possible to re-enter the function. If one of the reward tokens in ERC-777 token, it is possible to re-enter and claim the reward again and again until the contract i...

MultiRewardStaking does not work with fee-on-transfer tokens

Lines of code Vulnerability details The way MultiRewardStaking handles deposits does not work with fee-on-transfer tokens: deposit uses convertToShares to compute the number of shares to mint, which returns assets - ie a 1:1 equivalence between shares and the number of asset tokens. 98: function...

Vault creator can prevent users from claiming staking rewards

Lines of code Vulnerability details Impact Vault creator can prevent users from claiming rewards from the staking contract. This can boost his liquidity and lure depositors to stake vault tokens. He can present a high APY and low fee percentage which will incentivize stakers When the staking...

Upgraded Q -> 3 from #664 [1675726122175]

Judge has assessed an item in Issue 664 as 3 risk. The relevant finding follows: L-2 ERC1155 Quest: withdrawRemainingTokens should factor in total number of receipts minted before withdrawal Issue: There may be users with unredeemed receipts who will not be able to claim if all the remaining toke...

Upgraded Q -> 2 from #648 [1675725337760]

Judge has assessed an item in Issue 648 as 2 risk. The relevant finding follows: 2. Unbounded Array Vulnerability in Claim Function Link : Summary: The claim function in the Quest contract has an unbounded array vulnerability that could lead to an Out-of-Gas OOG error and make the contract...

Upgraded Q -> 2 from #670 [1675726426987]

Judge has assessed an item in Issue 670 as 2 risk. The relevant finding follows: L-04 Changing rabbitholeReceiptContract in QuestFactory will break currently running quests rabbitHoleReceiptContract must be the same in QuestFactory and Quest contracts for quests to function correctly. If there is...

Upgraded Q -> 3 from #664 [1675726078144]

Judge has assessed an item in Issue 664 as 3 risk. The relevant finding follows: L-1 ERC20 Quest: withdrawFee function should only be able to be called once instead of multiple times Issue: The withdrawFee function can be called multiple times by admin after a quest ends, resulting in more than t...

Upgraded Q -> 3 from #621 [1675724753994]

Judge has assessed an item in Issue 621 as 3 risk. The relevant finding follows: L1 - Owner could withdraw all unclaimed tokens while some still should be claimable withdrawRemainingTokens function in the Erc1155Quest contract allows the owner to withdraw all remaining tokens, including unclaimed...

Upgraded Q -> 3 from #619 [1675724566035]

Judge has assessed an item in Issue 619 as 3 risk. The relevant finding follows: The function withdrawRemainingTokens can be changed in a safer way to handle the withdraw from the owner and the protocol fee as well. This prevent risks allocated with the protocol fees. By the docs this function is...

Upgraded Q -> 2 from #619 [1675724510983]

Judge has assessed an item in Issue 619 as 2 risk. The relevant finding follows: L-02 The function mintReceipt should check if the quest has expired on-chain as well The main function mintReceipt responsible for minting receipts lacks an important check to ensure the quest end time hasn't finishe...

Upgraded Q -> 2 from #615 [1675724239375]

Judge has assessed an item in Issue 615 as 2 risk. The relevant finding follows: Unbounded gas usage in claim function of Quest contract The claim function has an unbounded gas usage that traverses different arrays many times. The call to RabbitHoleReceipt.getOwnedTokenIdsOfQuest iterates all...

Upgraded Q -> 2 from #670 [1675726386915]

Judge has assessed an item in Issue 670 as 2 risk. The relevant finding follows: L-03 DoS if address owns too many receipts With time it is viable for users to acquire thousands and tens of thousands of receipts. This may happen as a result of buying receipts for example, which was highlighted as...

Upgraded Q -> 3 from #599 [1675723538994]

Judge has assessed an item in Issue 599 as 3 risk. The relevant finding follows: L-01 Erc1155Quest's tokens can be withdrawn before every reward has been claimed Impact The owner can withdraw all the remaining tokens after the Quest endTime. Thus, users who have not claimed their reward at the en...

Upgraded Q -> 3 from #648 [1675725284542]

Judge has assessed an item in Issue 648 as 3 risk. The relevant finding follows: 1. Incorrect Minter Address Validation in Mint Function Link : Summary: The mint function in the RabbitHoleReceipt contract does not correctly check the msg.sender address for minter permissions. The onlyMinter...

Upgraded Q -> 2 from #619 [1675724616184]

Judge has assessed an item in Issue 619 as 2 risk. The relevant finding follows: L-06 In contract Quest the function claim shouldn't only set the receipt as claimed, but to burn it as well. As this problem brings the risk, where users can sell already claimed receipts to other people The function...

Upgraded Q -> 2 from #621 [1675724705438]

Judge has assessed an item in Issue 621 as 2 risk. The relevant finding follows: L2 - mintReceipt function lacks a check to verify if the quest has already ended mintReceipt function missing check for ended quest. This could result in a scenario where a receipt is minted after the quest has ended...

Upgraded Q -> 2 from #117 [1675572860639]

Judge has assessed an item in Issue 117 as 2 risk. The relevant finding follows: Description If a single address has certain amount of RabbitHoleReceipt tokens receipts - according to tests 1050, when he tries to call claim function from Quest.sol it will always revert with 'Transaction ran out o...

Upgraded Q -> 2 from #329 [1675575934658]

Judge has assessed an item in Issue 329 as 2 risk. The relevant finding follows: Reentrancy issue on claim for Erc1155Quest There is a reentrancy issue when claiming ERC1155 tokens, that will you reenter before redeemedTokens is updated. Here is the callback Quest.solL114 Stick to the check effec...

Upgraded Q -> 2 from #251 [1675573596034]

Judge has assessed an item in Issue 251 as 2 risk. The relevant finding follows: L-03 The claim function might use an amount of gas greater than the block gas limit. Description: The claim function at the Quest.sol contract can consume an amount of gas greater than the block gas limit if the user...

Upgraded Q -> 3 from #154 [1675567996775]

Judge has assessed an item in Issue 154 as 3 risk. The relevant finding follows: Erc20Quest.withdrawFee can be called against a quest more than once function withdrawFee public onlyAdminWithdrawAfterEnd IERC20rewardToken.safeTransferprotocolFeeRecipient, protocolFee; The withdrawFee function does...

[M-01] emitUserMetadata function may fail due to exceed gas limit

Lines of code Vulnerability details Impact The function emitUserMetadata in DripsHub may fail due to unbounded loop over userMetadata can be very large due to the user input. However, function could be called only from drivers, it's still public and large array could be passed. And the loop in...

Upgraded Q -> 2 from #65 [1675444463774]

Judge has assessed an item in Issue 65 as 2 risk. The relevant finding follows: Unusual multisig logic --- The text was updated successfully, but these errors were encountered: All reactions...

Upgraded Q -> 3 from #508 [1675443043181]

Judge has assessed an item in Issue 508 as 3 risk. The relevant finding follows: L-05 Duration does not have upper bound The duration input parameter does not have upper bound. If the duration is mistakenly set too high, node operator will be slashed significant amount of GGP. The...

If no association type matched, user will end up paying fee for nothing

Lines of code Vulnerability details Impact Users can add a new entry for the given subprotocol to the provided CID NFT. There are possible three different association types ordered, primary, active that can be used to model different types of associations between the CID NFT and subprotocol. For...

int128 cast underflow in _receiveDripsResult()

Lines of code Vulnerability details Impact In receiveDripsResult, the type cast of uint128 could underflow, and result in wrong receivedAmt. The impacts could be: wrong amount being transferred to users and drain the protocol fund inaccurate transfer amount, some users lose fund and some receive...

Upgraded Q -> 2 from #338 [1675444014859]

Judge has assessed an item in Issue 338 as 2 risk. The relevant finding follows: L-07 It should be possible to assign Minipool to a new Multisig MinipoolManager.sol 1 --- The text was updated successfully, but these errors were encountered: All reactions...

Support for fee-on-transfer tokens

Lines of code Vulnerability details Impact The AddressDriver.sol do not support fee-on-transfer tokens. If the asset is a fee-on-transfer token, tokens received from users could be less then the amount specified in the transfer. The protocol could suffer a loss of funds. Proof of Concept function...

Some ERC20 tokens deduct a fee on transfer

Lines of code Vulnerability details Impact Some ERC20 token implementations have a fee that is charged on each token transfer. This means that the transferred amount isn't exactly what the receiver will get. A call to ERC20token.transferrecipient, 100 with a fee-on-transfer of 5% will entitle the...

SubprotocolRegistry accepts empty string as protocol name

Lines of code Vulnerability details Impact The input sanitization statements in SubprotocolRegistry.sol's register function are: function register bool ordered, bool primary, bool active, address nftAddress, string calldata name, uint96 fee external // ... if !ordered || primary || active revert...

Lack of double step transfer in admin modification in a upgradeable contract is dangerous

Lines of code Vulnerability details Lack of double step transfer in admin modification in a upgradeable contract is dangerous Summary Double step transfer of admin / ownership should be a must in upgradeable contracts Vulnerability Detail Admin is changed with changeAdmin that calls changeAdmin,...

Upgraded Q -> 2 from #508 [1675443068820]

Judge has assessed an item in Issue 508 as 2 risk. The relevant finding follows: Cannot add additional Multisig when 10 Multisig addresses are registered --- The text was updated successfully, but these errors were encountered: All reactions...

A Theoretical-Gaming Vulnerability

Lines of code Vulnerability details Impact There is a theoretical-gaming vulnerability in the project. Currently, users are able to set up a graph in which money should flow from one vertex to another. The user sets the split configuration on their account and there is a public function...

Unsafe casting of an int128 to uint128 can cause wrong accounting in _receiveDripsResult

Lines of code Vulnerability details Impact Unsafe casting of int128 to uint128 is dangerous and makes user receive more assets than they should. Proof of Concept state.amtDeltascycle can be a negative value. The delta value at each point is simply the relative change from the previous cycle. If...

Upgraded Q -> 2 from #260 [1675460942583]

Judge has assessed an item in Issue 260 as 2 risk. The relevant finding follows: L2 Withdrawable minipool can be finished before funds are withdrawn --- The text was updated successfully, but these errors were encountered: All reactions...

Squeezing drips from a sender can be front-run and prevented by the sender

Lines of code Vulnerability details Squeezing drips from a sender requires providing the sequence of drips configurations see NatSpec description in L337-L338: /// It can start at an arbitrary past configuration, but must describe all the configurations /// which have been used since then includi...

Hacked or malicious owner can steal all tokens

Lines of code Vulnerability details Tokens for all active drips are stored in the DripsHub contract. Since DripsHub is an upgradeable ERC1967Proxy, a malicious or hacked owner can simply upgrade the contract to include e.g., the following function: function stealTokensIERC20 token, address to,...

Same identity can be assigned to multiple users

Lines of code Vulnerability details Impact In the contest details it is mentioned that identity can be transferable even if it's currently assigned to address in AddressRegistry. However, I would assume that if another address registers it, the identity should be removed from the previous owner...

## Mathematical Modelling Cause a Significant Roundoff Error

Lines of code Vulnerability details Mathematical Modelling Cause a Significant Roundoff Error Function drippedAmt calculates the ended cycles. when calculating ended cycles it takes two divisions which cause round off error. Let's consider this scenario. Deposited token - WBTC amtPerSec = 1000000...

MinipoolManager: node operator can avoid being slashed

Lines of code Vulnerability details Impact When staking is done, a Rialto multisig calls MinipoolManager.recordStakingEnd . If the avaxTotalRewardAmt has the value zero, the MinipoolManager will slash the node operator's GGP. The issue is that the amount to slash can be greater than the GGP balan...

Multiple addresses can point to the same cidNFTID

Lines of code Vulnerability details Impact During AddressRegistry.register there is no check to ensure that a cidNFTID has been registered to an address. As CID NFT is transferrable, this means that the same CID NFT can be registered by multiple addresses. This could cause troubles for Dapps that...

Multiple accounts can have the same identity

Lines of code Vulnerability details Users can register their on-chain identity ie their CID NFT by calling AddressRegistry.register File: src/AddressRegistry.sol 42: function registeruint256 cidNFTID external 43: if ERC721cidNFT.ownerOfcidNFTID != msg.sender 44: // We only guarantee that a CID NF...

Solmate safeTransfer and safeTansferFrom does not check the code size of the token address

Lines of code Vulnerability details Impact The safeTransfer and safeTransferFrom don't check the existence of code at the token address. This is a known issue while using solmate's libraries. Hence this may lead to miscalculation of funds and may lead to loss of funds, because if safeTransfer and...