10190 matches found
nftAddress can be a malicious NFT
Lines of code Vulnerability details Impact In the subprotocolregistry contract, users are allowed to register any subprotocols. As long as the supportsinterface condition is met. The validity of the nftaddress address is not checked. function register bool ordered, bool primary, bool active,...
AddressRegistry might have non-actual record
Lines of code Vulnerability details Impact AddressRegistry might has non-actual record, which leads to inconsistent AddressRegistry state, and might affect possible consumers. Proof of Concept To register favorite NFT user calls register function from AddressRegistry. Then he sold this NFT to...
Other users cannot help a CIDNFT holder add subprotocols to the NFT
Lines of code Vulnerability details Impact Other users cannot approve and help CIDNFT holders add subprotocols to the NFT, breaking protocol specifications. Proof of Concept In the video walkthrough, around the 8 minute mark, it is mentioned that users can help NFT holders add subprotocols to the...
Upgraded Q -> 3 from #867 [1675460716325]
Judge has assessed an item in Issue 867 as 3 risk. The relevant finding follows: L-02, MinipoolManager, lines 670 - 684: The slash function slashes a node operator for the amount of whole duration. Since the cycles are in 14 days and the slashing is checked in the recordStakingEnd, if an operator...
Upgraded Q -> 2 from #854 [1675461747744]
Judge has assessed an item in Issue 854 as 2 risk. The relevant finding follows: When the protocol is paused, all the multisigs are disabled:, However, it is still possible to call startRewardsCycle in the RewardsPool, however, the execution will revert because the enabled count is 0: --- The tex...
Upgraded Q -> 2 from #836 [1675451857205]
Judge has assessed an item in Issue 836 as 2 risk. The relevant finding follows: Underflow error when redeeming to 0 after minting some rewards --- The text was updated successfully, but these errors were encountered: All reactions...
Upgraded Q -> 2 from #338 [1675444008015]
Judge has assessed an item in Issue 338 as 2 risk. The relevant finding follows: L-04 Staking.restakeGGP function should have whenNotPaused modifier Staking.sol 1 --- The text was updated successfully, but these errors were encountered: All reactions...
Upgraded Q -> 2 from #508 [1675443058277]
Judge has assessed an item in Issue 508 as 2 risk. The relevant finding follows: New address and existing address inputs can be the same in upgradeExistingContract --- The text was updated successfully, but these errors were encountered: All reactions...
Upgraded Q -> 2 from #365 [1675443623313]
Judge has assessed an item in Issue 365 as 2 risk. The relevant finding follows: L-4 Misleading comments - Multisig are still managing pool --- The text was updated successfully, but these errors were encountered: All reactions...
Upgraded Q -> 2 from #653 [1675442664703]
Judge has assessed an item in Issue 653 as 2 risk. The relevant finding follows: 1. Funds are locked if Rialto use function finishFailedMinipoolByMultisig Detail Function finishFailedMinipoolByMultisig did not transfer any funds or doing any data change, only updating state of minipool to Finishe...
Upgraded Q -> 2 from #615 [1675442567749]
Judge has assessed an item in Issue 615 as 2 risk. The relevant finding follows: 3:upgradeExistingContract need unregisterContract first and then registerContract. Avoid newAddr==existingAddr. unregisterContract remove newAddr function upgradeExistingContract address newAddr, string memory newNam...
Upgraded Q -> 2 from #769 [1675429128999]
Judge has assessed an item in Issue 769 as 2 risk. The relevant finding follows: L-1 requireNextActiveMultisig always returns the 1st enabled Multisig Relevant code: As the name suggested, MultisigManager.requireNextActiveMultisig should return the next enabled Multisig. However, it actually alwa...
Upgraded Q -> 2 from #783 [1675429188655]
Judge has assessed an item in Issue 783 as 2 risk. The relevant finding follows: restakeGGP doesn't have whenNotPaused modifier At line 319 stakeGGP has whenNotPaused modifier, while restakeGGP has not. Suggest to add the same modifier to restakeGGP. --- The text was updated successfully, but the...
Drips that end after the current cycle but before its creation can allow users to profit from squeezing
Lines of code Vulnerability details Impact By creating a drip that ends after the current cycle but before its creation time and immediately removing it, the sender doesn't have to put in any assets but the receiver can still squeeze this drip. By setting a receiver that the sender controls, the...
Lack of nonReentrant modifier when using _safeMint function
Lines of code Vulnerability details Impact The safeMint function implementation can allow a contract to reenter the the calling contract. Proof of Concept the safeMint function can be reentered through the safeMint function. function safeMintaddress to, UserMetadata calldata userMetadata public...
_squeezeDrips() passed the amount argument in place of amtPerSec for the _addDeltaRange, causing either underflow or the sender losing lots of fund!
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. squeezeDrips passes the amount argument in place of amtPerSec for its callee addDeltaRange in the following line addDeltaRangestate, cycleStart, cycleStart + 1, -int256amt AMTPERSECMULTIPLIER; The last...
Reentrancy in callBatched
Lines of code Vulnerability details Proof of Concept The Caller contract implements callBatched function in order to execute a batch of calls within one call. The function has payable declaration to be able to send ETH inside the call. The NATSPEC is also provided in parallel; /// @notice Execute...
_receiveDripsResult() overcounts amtPerCycle
Lines of code Vulnerability details Impact Drips results will be accounted for wrongly and hence users will receive more drips than they should. Proof of Concept According to the whitepaper, amtDeltas stored at each cycle is the value relative to the previous cycle. The stored delta for a cycle i...
Reentrancy due to lack of check-effect-interact pattern by valid Driver users
Lines of code Vulnerability details Impact In a Re-entrancy attack, a malicious contract calls back into the calling contract before the first invocation of the function is finished. This may cause the different invocations of the function to interact in undesirable ways, especially in cases wher...
Split vulnerable to preimage attack
Lines of code Vulnerability details Impact A motivated attacker could invest the resources to craft a malicious SplitsReceiver to steal all of a users' pending funds. Proof of Concept This is a non-practical implementation of the attack, but shows by extending the SplitsReceiver array by any numb...
Deletion on mapping containing a structure
Lines of code Vulnerability details Impact A deletion in a structure containing a mapping will not delete the mapping see the Solidity documentation. The remaining data may be used to compromise the contract. Proof of Concept File: Drips.sol struct AmtDelta /// @notice Amount delta applied on thi...
DIVISION BY _AMT_PER_SEC_MULTIPLIER AT EACH STEP OF THE ARITHMETIC OPERATION BEFORE MULTIPLICATION RESULTS IN ROUNDING ERROR
Lines of code Vulnerability details Impact In the drippedAmt function of the Drips.sol contract, the assembly is used to calculate the amount dripped over a time range. Inside the assembly amtPerCycle is calculated by multiplying cycleSecs and amtPerSec and dividing by AMTPERSECMULTIPLIER to remo...
Locked Ether
Lines of code Vulnerability details Impact Contract with a payable function, but without a withdrawal capacity. Every Ether sent to Caller will be lost. Proof of Concept File: Caller.sol function callAsaddress sender, address to, bytes memory data public payable returns bytes memory returnData...
Code breaks if first user is not expected user
Lines of code Vulnerability details Code breaks if first user is not expected user Summary Rather than iterate and continue if user is not the expected one, this code breaks all the execution if first user is userId Vulnerability Detail Execution is broke most of the times at first iteration for ...
_transferFromCaller is not compatible with USDT and similar tokens
Lines of code Vulnerability details transferFromCaller is not compatible with USDT and similar tokens Summary Setting directly typeuint256.max won't work for USDTTether. This is done at both transferFromCaller: NFTDriver.solL289 AddressDriver.solL174 Description Some tokens like USDT do not work...
RETURNS EMPTY UINT256 configs MEMORY ARRAY SINCE THE UPDATED MEMORY ARRAY IS NOT RETURNED
Lines of code Vulnerability details Impact buildConfigs function inside the Drips.sol is required to build a preprocessed list of drips configurations from receivers. Thus in its function implementation it initialized the uint256 memory configs array and send it as an argument to the addConfig...
Caller.callBatched doesn't enforce msg.value is equal to sum of call values
Lines of code Vulnerability details For each call in callBatched, we pass a value to be sent along with the call: for uint256 i = 0; i calls.length; i++ Call memory call = callsi; returnDatai = callsender, call.to, call.data, call.value; The sum of the values of the calls should be equal to...
UNEXPECTED DATA LOSS IS POSSIBLE DUE TO UNSAFE DOWN CASTING OF UINT40 TO UINT32
Lines of code Vulnerability details Impact In the dripsRange function of the Drips.sol contract variable end is declared as of type uint40. After the arithmetic operations and conditional checks have been performed, the end variable is returned as uint32end thus down casting it unsafely. Proof of...
setDrips may distribute the drip too fast if the time hints are not good enough
Lines of code Vulnerability details Impact The setDrips function is used to configure a drip. It can either be withdrawing it, adding a new one, or even managing an existing one by updating the configuration. Internally, it account for the drips that are yet to be distributed to refund them to th...
callSigned() can be front-runned
Lines of code Vulnerability details Impact Attacker able to bypass check present in callSigned by passing a proper valid sender address as parameter to callSigned function Proof of Concept For signature check following function checks requiresigner == sender, "Invalid signature"; Where sender...
AddressRegistry can associate same CID to different addresses at the same time
Lines of code Vulnerability details The AddressRegistry contract can associate a CID NFT to an account address. As stated in the contest, the CID NFT can be transferred out of the account that registered it. However, once transferred it can be registered again while keeping the previous...
User can do registration of one CID NFT many times
Lines of code Vulnerability details Impact User can do registration one CID NFT repeatedly, and event CIDNFTAdded will be emited again and again. No checks, that user already registerd. When willl be some logic on frontend, which use this event, it could break, when get one more events CIDNFTAdde...
Misuse of a Boolean constant
Lines of code Vulnerability details Impact Use of Boolean constants true/false in code is indicative of flawed logic. Boolean constants in code have only a few legitimate uses. Other uses in complex expressions, as conditionals indicate either an error or, most likely, the persistence of faulty...
Griefing risk in mint
Lines of code Vulnerability details Impact CidNFT.mint has an optional parameter addList that enables users to register subprotocol NFTs to the CID NFT right after the mint. However, there is no guarantee that the cidNFTID encoded in addList is the same ID as the newly minted NFT. If there is a...
Upgraded Q -> 2 from #867 [1675460709593]
Judge has assessed an item in Issue 867 as 2 risk. The relevant finding follows: L-01, ProtocolDAO.sol lines 209 - 216: upgradeExistingContract mistakenly removes the address value of the new contract if the new contract’s name is the same as the old one. This can be easily fixed with unregisteri...
DoS with block gas limit in squeezeDrips
Lines of code Vulnerability details Squeezing drips requires verifying the entire history of that drip. This means iterating over an unbounded loop of the size of the history for uint256 i = 0; i dripsHistory.length; i++ DripsHistory memory drips = dripsHistoryi; bytes32 dripsHash =...
Anyone can call the DripsHub.split function to frontrun the DripsHub.setSplits function call of the trusted user who owns the splittable funds
Lines of code Vulnerability details Impact As mentioned by the following DripsHub.split function's comment, the user, who owns the splittable funds, needs to be trusted by the receivers for such splittable funds. Yet, when this trusted user wants to call the DripsHub.setSplits function below to...
[M-04] Balance manipulation when contract is paused
Lines of code Vulnerability details Impact State-changing methods missing the whenNotPaused modifier, is a security hole. Even when contract is paused increaseTotalBalance and decreaseTotalBalance methods can be called internally. Therefore, medium severity matches. Proof of Concept function...
Signature replay attacks possible if deployed on multiple chains
Lines of code Vulnerability details Caller.callSigned operates using an EIP-712 signature which verifies the signed data to be used in a call on behalf of the signer. The problem with this method lies in the fact that it doesn't specify the chain ID, and thus if the contract is ever deployed to...
Upgraded Q -> 2 from #862 [1675430218943]
Judge has assessed an item in Issue 862 as 2 risk. The relevant finding follows: L-1 Function requireNextActiveMultisig always returns the first Multisig Affected code MultisigManager.requireNextActiveMultisig is supposed to return the next enabled Multisig. However it always returns the first...
Proxy admin of DripsHub, AddressDriver, NFTDriver and ImmutableSplitsDriver can steal users' tokens by upgrading the contract
Lines of code Vulnerability details Impact Proxy admin of DripsHub, AddressDriver, NFTDriver and ImmutableSplitsDriver can perform different malicious actions through upgrading, all can lead to users' assets being stolen. Proof of Concept An upgradable proxy contract can be upgraded with arbitrar...
The users can't add traits for their CidNFT's
Lines of code Vulnerability details Proof of Concept The CidNFT contract implements the add function for the users to add traits/subprotocol Id's to their CidNFT's. During calling add function, it validates whether the user is the owner of the provided CiDNFT and the user is approved by the owner...
CidNFT: Broken tokenURI function
Lines of code Vulnerability details CidNFTtokenURI does not convert the uint256 id argument to a string before interpolating it in the token URI: /// @notice Get the token URI for the provided ID /// @param id ID to retrieve the URI for /// @return tokenURI The URI of the queried token path to a...
Multiple people can register the same cidNFTID
Lines of code Vulnerability details Impact Multiple people can register the same cidNFT in a way that the same "canonical on-chain identity" can be shared accross multiple real-life identities. Proof of Concept cidNFTs can be transfered as any ERC721 token. After each transfer the new owner can...
BURN any ERC721 tokens in DRIFT NFT protocol by just sending the tokenID on the public burn function
Lines of code Vulnerability details Impact Access control plays an important role in segregation of privileges in smart contracts and other applications. If this is misconfigured or not properly validated on sensitive functions, it may lead to loss of funds, tokens, and in some cases, compromise ...
User may charge any amount of fees when registering a subprotocol
Lines of code Vulnerability details Impact When registering a subprotocol, the user may enter any amount of fees. There are no checks implemented. Proof of Concept The register function does not have a check for the fee. A limit may be imposed otherwise a user can register a subprotocol with any...
Potential DOS in Contract Inheriting UUPSUpgradeable.sol
Lines of code Vulnerability details Impact There is a contract which inherit UUPSUpgradeable.sol, namely; Managed.sol . The contract is deployed using a proxy pattern whereby the implementation contract is used by the proxy contract for all its logic. The proxy contract will make delegate calls t...
Upgraded Q -> 2 from #748 [1675439377792]
Judge has assessed an item in Issue 748 as 2 risk. The relevant finding follows: L MultisigManager doesn't have unregister function MultisigManager.sol contains a hard limit of MULTISIGLIMIT to 10. Meanwhile in the contract, there are functions like registerMultisig, enableMultisig, and...
CidNFT#add will break if _type is not passed in correctly
Lines of code Vulnerability details Impact CIDNFT holders that wants to add subprotocols to their NFT will not be able to anymore because the subprotocol NFT will be stuck in the CidNFT.sol contract. Proof of Concept When a CIDNFT holder wants to add subprotocols to their NFT, he will call...
Admin role lockout possible
Lines of code Vulnerability details Impact Admin of contracts is controlled by Managed contract, and implements a transfer of admin privilege in a single step. A malicious admin or an error in the new address when calling changeAdmin can prevent all admin activities on all the contracts forever...