10190 matches found
Proposal can be infinitely DOSed with no additional conditions
Lines of code Vulnerability details Description OptimisticListingSeaport.sol is easily DOSable due to the following conditions: 1. A new proposal overrides the existing proposal 2. The deposited collateral can be any non-zero amount 3. Only requirement is that pricePerToken is lower than before. ...
Funds will be lost if the contract handling the refunds are unable to handle them at the moment
Lines of code Vulnerability details The return values of low-level calls are not checked Impact If the fund transfer results in a revert on the recipient's end, e.g. due to being paused, the code will continue on as if it had been successful, and the Ether will be lost. Proof of Concept Return...
GroupBuy does not properly refund users
Lines of code Vulnerability details Impact On a successful purchase, users can call claim on the GroupBuy contract to mint and refund. The refunded amount is userContributions - summinReservePricesqty - pendingBalances. In case of the actual purchase price minReservePrices, the difference is not...
rejectProposal/rejectActive/cancel did not update pendingBalances
Lines of code Vulnerability details Impact In the OptimisticListingSeaport contract, pendingBalances represents the number of Rae tokens sent to the contract by the user when creating the proposal, which can be withdrawn in the withdrawCollateral function. function withdrawCollateraladdress vault...
Malicious users can block listing
Lines of code Vulnerability details Impact In the OptimisticListingSeaport contract, any user with the Rae token corresponding to this Vault can call the propose function to create a listing proposal, which can be used for listing when the proposal exists over PROPOSALPERIOD. function listaddress...
Only one GroupBuy can ever use USDT or similar tokens with front-running approval protections
Lines of code Vulnerability details Calling approve without first calling approve0 if the current approval is non-zero will revert with some tokens, such as Tether USDT. While Tether is known to do this, it applies to other tokens as well, which are trying to protect against this attack vector...
Orders may not be fillable due to missing approvals
Lines of code Vulnerability details Not all IERC20 implementations revert when there's a failure in approve. If one of these tokens returns false, there is no check for whether this has happened during the order listing validation, so it will only be detected when the order is attempted. Impact I...
Upgraded Q -> M from #201 [1671458492331]
Judge has assessed an item in Issue 201 as M risk. The relevant finding follows: Deposit function is not compatible with deflationary token The actual deposited amount might be lower than the specified depositAmount of the function parameter. This would lead to wrong interest rate calculations on...
User will often overpay when adding liquidity
Lines of code Vulnerability details Impact One of the assets either baseTokens or fractionalTokens will likely be overpaid when the user calls Pair.add liquidity. Proof of Concept The Pair.add function takes baseTokenAmount, fractionalTokenAmount and minLpTokenAmount as inputs. The first two...
Frontrunning initial liquidity adding
Lines of code Vulnerability details Impact Creation of the pair does not add initial liquidity which leads to situation where attacker can front-run creator and execute sandwich attack against the creator. Exploitation Scenario: 1. Alice creates pair and wants to add liquidity 2. Bob front-runs...
First depositor can break the price of shares
Lines of code Vulnerability details Impact The first depositor of the pool can wreck up the price of the shares for the future depositors mostly as the pair launches because of the rounding. Proof of Concept 1. Bob wraps 1 NFT deposits and received 1e18 denominations of fractionalTokens 2. Bob...
xyk invariant does not hold after calls to buy() and sell()
Lines of code Vulnerability details Impact Functions buyQuote and sellQuote are defined like this in Pair.sol: /// @notice The amount of base tokens required to buy a given amount of fractional tokens. /// @dev Calculated using the xyk invariant and a 30bps fee. /// @param outputAmount The amount...
LP pricing formula is vulnerable to flash loan manipulation
Lines of code Vulnerability details Impact The LP pricing formula used in the buyQuote, sellQuote, addQuote, removeQuote functions of Pair.sol contract is vulnerable to flash loan manipulation. Proof of Concept The baseTokenReserves calculates the current balance of base token reserves. This...
(*POTENTIAL DUPLICATE) unwrap function can be exploited to exchange lower priced NFT's for higher priced counterparts
Lines of code Vulnerability details POTENTIAL DUPLICATE - Submitted earlier but haven't received an email confirmation. Hence resubmitting - please ignore if my earlier submission was already recorded Impact nftRemove function takes an array of tokenIds and LPTokens, releases the fractional NFT...
Pair.sol can be manipulated to affect small liquidity providers.
Lines of code Vulnerability details Impact The first minter can manipulate the supply of LP tokens and baseToken-fractional ratio, hindering small liquidity providers from interacting with the pair. A malicious actor can mint 1wei of LP token from a new pair, then proceed to transfer baseToken to...
User didn't get an lpToken when trying to add liquidity to the pair with some baseTokenAmount
Lines of code Vulnerability details Impact User didn't get an lpToken when trying to add liquidity to the pair with some baseTokenAmount. The user lost their asset since they didn't get any lpToken Proof of Concept Inside Pair.sol contract, the add function exist for adding liquidity to the pair...
First depositor can break minting of shares
Lines of code Vulnerability details Impact The attack vector and impact is the same as TOB-YEARN-003, where users may not receive shares in exchange for their deposits if the total asset amount has been manipulated through a large βdonationβ. Proof of Concept In Pair.add, the amount of LP token...
Reentrancy issue #2: Functions remove() and sell() are vulnerable to reentrancy attack if baseToken implement a call to receiver in _beforeTokenTransfer().
Lines of code Vulnerability details It is important to be aware that I have reported two reentrancy bugs. Each of these have different ways of being activated and can be found in separate functions. Impact All calculations done in Caviar Pair are using token balance directly. For example, when...
Unlimited minting of fractional tokens by calling Pair.wrap() multiple times
Lines of code Vulnerability details Impact User can mint an unlimited amount of fractional tokens and break the protocol by selling the tokens. Proof of Concept NFTs can be traded for 1e18 fractional tokens by calling the function wrap. Wrap calls validateTokenIdstokenIds, proofs which in turn ru...
NOT refunding excess token while adding liquidity
Lines of code Vulnerability details Impact LP providers can lose fund Proof of Concept Tools Used Recommended Mitigation Steps incase of ether, return excess ether - incase of erc20, transfer only required amount - --- The text was updated successfully, but these errors were encountered: π 1 Shun...
LP's ERC20 tokens cannot be rescued when owner closes the pair
Lines of code Vulnerability details Impact LP cannot be rescued when owner closes the pair. Aside from the NFT which can be salvaged through Pair.withdraw, the ERC20 token amounts cannot be rescued, resulting in fund loss. Proof of Concept In case of any malicious attempt to grief the protocol, t...
Tokens are expected to have 18 decimals but not all have them
Lines of code Vulnerability details Tokens are expected to have 18 decimals but not all have them Summary Pairs doesn't consider tokens with less or more than 18 decimals Impact Tokens not compatible Proof of Concept Mitigation Don't use hardcoded 18 decimals --- The text was updated successfully...
Pair.sol contract is susceptible to having its pricing curve (x*y = k) manipulated through a 3rd party contract calling selfdestruct() and forwarding ether.
Lines of code Vulnerability details Impact If a pair is denominated in ether, a third party contract can forward ether to the contract using the selfdestruct function passing the pair's address. The impact of this is that the pair will allow its market making curve to be manipulated. Among other...
in add function forgot to add not zero for minimum lp
Lines of code Vulnerability details Impact problems in the calculation of the system Proof of Concept requirebaseTokenAmount 0 && fractionalTokenAmount 0, "Input token amount is zero"; Tools Used manually Recommended Mitigation Steps add checks like basetoken --- The text was updated successfully...
Pair.sol has payable functions with no way of withdrawing that ether
Lines of code Vulnerability details Pair.sol has payable functions with no way of withdrawing that ether Summary Value is deposited on the contract using payable functions but later can't be taken out Impact Locked ether Proof of Concept Pair.adduint256,uint256,uint256 Pair.buyuint256,uint256...
LP token is vulnerable to flashloan manipulation
Lines of code Vulnerability details Impact Detailed description of the impact of this finding. The addQuote function in the pair.sol smart contract utilizes a pricing formula for liquidity pools that is susceptible to exploitation through flashloan manipulation. By introducing a large quantity of...
Centralization Risks, Rug pull vectors
Lines of code Vulnerability details Impact Owner can mint or burn unlimited tokens, functions can be used to rug pull the project. Proof of Concept Although owner role is supposedly not malicious, if owner's wallet keys are compromised, an attacker could rug the project. Based on the fact that we...
buyQuote should be rounded up
Lines of code Vulnerability details Impact The buyQuote is not rounded up, which can cause a leak of value, due to the buyQuote being underestimated. Proof of Concept The function Pair.buyQuote does not round up, which can cause the issue described under Impact: function buyQuoteuint256...
Pair.sol:close() does not recover any of the base token / liquidity tokens before destroying it
Lines of code Vulnerability details Impact If pair hold any of the native or any other liquidity tokens, that never be recovered if the pair is destroyed. Proof of Concept owner has special rights to destroy the pair if it is compromised. But before destroy, it does not recover any of of the toke...
Price manipulation by sending Ether
Lines of code Vulnerability details Price manipulation by sending Ether not profitable although The function Pair.price uses Pair.baseTokenReserves uses addressthis.balance or ERC20baseToken.balanceOfaddressthis. In case addressthis.balance is used when address0 is passed, there can be price...
Merkle root of zero bypasses validation
Lines of code Vulnerability details Impact The merkle root validation happens with this require in validateTokenIds. If the merkle root is zero, this check is skipped. Proof of Concept This require validates that the merkle root is valid. This code is never reached if merkleRoot == bytes230 becau...
Not supporting fee-on-transfer token as base token
Lines of code Vulnerability details Impact In Caviar protocol, all calculations in functions add, remove, buy, sell is done using token balance of Pair contract directly. In function add, it calculates and mints LP token to sender first before transferring baseToken in. function adduint256...
[M-0] Unhandled return values of transfer
Lines of code Vulnerability details c4udit Report Issues found M-0 Unhandled return values of transfer Impact Some implementations of transfer could return βfalseβ on failure instead of reverting. Findings: src\Pair.sol::85 = transferFrommsg.sender, addressthis, fractionalTokenAmount;...
GroupBuys that are completely filled still don't raise stated target amount
Lines of code Vulnerability details Description createPool in GroupBuy.sol creates a new contribution pool around an NFT. It specifies a target initialPrice as minimum amount of ETH the NFT will cost, and totalSupply which is the number of Raes to be minted on purchase success. minBidPrices is...
Surplus token after adding liquidity is not refunded to liquidity providers. LP might suffer front-running attack and lose funds.
Lines of code Vulnerability details Impact Function Pair.add receives base token and fractional token from liquidity providers and mint equivalent amount of LP token for them. The amount of LP token be minted is calculate in function addQuote function addQuoteuint256 baseTokenAmount, uint256...
A malicious early user/attacker can manipulate the lpToken's pricePerShare to take an unfair share of future users' deposits
Lines of code Vulnerability details Impact A well known attack vector for almost all shares based liquidity pool contracts, where an early user can manipulate the price per share and profit from late users' deposits because of the precision loss caused by the rather large value of price per share...
Protocol's fractional token assumes that each NFT in a collection has the same value
Lines of code Vulnerability details Impact User can cheat the system by wrapping getting fractional tokens a low value NFT and unwrapping a high value NFT selling the same fractional tokens. Pair creator might lose out. Proof of Concept Pair.wrap takes in an array of tokenIds and an array of...
Loss of ETH for proposer when it is a contract that doesn't have fallback function.
Lines of code Vulnerability details Description sendEthOrWeth is used in several locations in OptimisticListingSeaport: 1. rejectProposal - sent to proposer 2. rejectActive - sent to proposer 3. cash - sent to msg.sender This is the implementation of sendEthOrWeth: function...
Upgraded Q -> M from #334 [1671456734920]
Judge has assessed an item in Issue 334 as M risk. The relevant finding follows: Collateral.withdraw allows the manager to withdraw an arbitrary amount of baseToken from Collateral. The only check is in the ManagerWithdrawHook.hook call, where it checks the withdrawal does not drop the amount of...
Attacker can make group pay for tokenID that is not intended.
Lines of code Vulnerability details Description purchase in GroupBuy.sol executes the purchase call for the group. There are two possibilities for which tokenIDs can be bought in GroupBuy: 1. If the group is for a specific NFT, the tokenID is the value in pool.merkleRoot variable. 2. If the group...
PRICES CAN BE MANIPULATED WHEN LIQUIDITY IS VERY LOW
Lines of code Vulnerability details Impact Base and fractional token prices in the pool can be manipulated and set to values severely deviating from the originally intended price ratio right after the pool has been created. At this point, liquidity in the pool is deemed zero or exceptionally thin...
ERC20 TOKENS WITH DIFFERENT DECIMALS THAN 18 MAY BREAK THE LOGIC AND PROVIDE UNEXPECTED RESULTS
Lines of code Vulnerability details Impact Note: Though it is mentioned that Rebase/fee-on-transfer tokens are not expected, however there exist other ERC20 tokens having different decimals than 18 Contracts LpToken and Pair performs calculations by using hardcoded value of decimals 18 1e18 for...
unwrap function in Pair.sol can be exploited by a malicious user to exchange less expensive NFT's for more expensive ones in the pool
Lines of code Vulnerability details Impact nftRemove function burns lpTokens and releases baseTokenAmount and fractionalTokenAmount and then burns the fractionalTokenAmount to unwrap the NFT that is released back to the sender. At the time of unwrapping, code does not check if the tokenIds...
Bids are wrongly ordered when prices and quantities are equal.
Lines of code Vulnerability details Description In GroupBuy, when total amount of Raes is filled up with purchases, users start competing with higher price offers. Their bids are laid out in a min priority queue structure implemented in MinPriorityQueue.sol. The docs clearly state that when two...
Bidding data structure is corrupted, leading to unfair removal from queue.
Lines of code Vulnerability details Description processBidsInQueue in GroupBuy handles integrating a new bid into the existing structure. If bumps out lower-paying bids until the new bid is completely fulfilled or the remaining bids are too high. When the lowest paying bid has higher quantity tha...
Earlier bidders get cut out of future NFT holdings by bidders specifying the same price.
Lines of code LOC: Vulnerability details Description In GroupBuy module, users can call contribute to get a piece of the NFT pie. There are two stages in transforming the msg.value to holdings in the NFT. 1. filling at any pricesupply is not yet saturated uint256 fillAtAnyPriceQuantity =...
Priority queue min accounting breaks when nodes are split in two
Lines of code Vulnerability details The README states If two users place bids at the same price but with different quantities, the queue will pull from the bid with a higher quantity first, but the data-structure used for implementing this logic, is not used properly and essentially has its data...
there is no check for ensure closeTimestamp is not bigger than timestamp
Lines of code Vulnerability details Impact logic issue Proof of Concept if closeTimestamp be bigger than timestamp logic will break, there is no check Tools Used Recommended Mitigation Steps check that closeTimestamp is not bigger than timestamp --- The text was updated successfully, but these...
Rounding down leads to breakage of the xy curve calculation
Lines of code Vulnerability details Impact When needing to calculate the inputAmount required to receive a certain amount of fractional tokens called outputAmount, we are deriving from the xy = k curve used on the Uniswap V2 protocol. Proof of Concept Some maths: The so-called curve equation is: ...
there is no max value for min lp in add function
Lines of code Vulnerability details Impact breaking logic, ... Proof of Concept there is no check Tools Used Recommended Mitigation Steps ad checks to ensure min lp amt is have max --- The text was updated successfully, but these errors were encountered: π 2 Shungy and soosh1337 reacted with thum...