First depositor can break minting of shares
Lines of code Vulnerability details Impact The attack vector and impact is the same as TOB-YEARN-003, where users may not receive shares in exchange for their deposits if the total asset amount has been manipulated through a large “donation”. Proof of Concept In Pair.add, the amount of LP token...
buyQuote should be rounded up
Lines of code Vulnerability details Impact The buyQuote is not rounded up, which can cause a leak of value, due to the buyQuote being underestimated. Proof of Concept The function Pair.buyQuote does not round up, which can cause the issue described under Impact: function buyQuoteuint256...
in add function forgot to add not zero for minimum lp
Lines of code Vulnerability details Impact Problems in the calculation of the system. Proof of Concept require(baseTokenAmount > 0 && fractionalTokenAmount > 0, "Input token amount is zero"); Tools Used Manual review Recommended Mitigation Steps Add checks like basetoken...
Price manipulation by sending Ether
Lines of code Vulnerability details Price manipulation by sending Ether not profitable although The function Pair.price uses Pair.baseTokenReserves, which uses address(this).balance or ERC20(baseToken).balanceOf(address(this)). In case address(this).balance is used when address(0) is passed, there can be price...
there is no check for ensure closeTimestamp is not bigger than timestamp
Lines of code Vulnerability details Impact Logic issue. Proof of Concept If closeTimestamp is bigger than timestamp, the logic will break; there is no check. Tools Used Recommended Mitigation Steps Check that closeTimestamp is not bigger than timestamp.
Loss of ETH for proposer when it is a contract that doesn't have fallback function.
Lines of code Vulnerability details Description sendEthOrWeth is used in several locations in OptimisticListingSeaport: 1. rejectProposal - sent to proposer 2. rejectActive - sent to proposer 3. cash - sent to msg.sender This is the implementation of sendEthOrWeth: function...
Funds will be lost if the contract handling the refunds is unable to handle them at the moment
Lines of code Vulnerability details The return values of low-level calls are not checked Impact If the fund transfer results in a revert on the recipient's end, e.g. due to being paused, the code will continue on as if it had been successful, and the Ether will be lost. Proof of Concept Return...
Orders may not be fillable due to missing approvals
Lines of code Vulnerability details Not all IERC20 implementations revert when there's a failure in approve. If one of these tokens returns false, there is no check for whether this has happened during the order listing validation, so it will only be detected when the order is attempted. Impact I...
Pair.sol contract is susceptible to having its pricing curve (x*y = k) manipulated through a 3rd party contract calling selfdestruct() and forwarding ether.
Lines of code Vulnerability details Impact If a pair is denominated in ether, a third party contract can forward ether to the contract using the selfdestruct function passing the pair's address. The impact of this is that the pair will allow its market making curve to be manipulated. Among other...
Malicious users can block listing
Lines of code Vulnerability details Impact In the OptimisticListingSeaport contract, any user with the Rae token corresponding to this Vault can call the propose function to create a listing proposal, which can be used for listing when the proposal exists over PROPOSAL_PERIOD. function list(address...
Groupbuy: Construction of merkle tree allows some unintended IDs to be bought
Lines of code Vulnerability details Impact In GroupBuy.purchase, when no proof is provided, it is required that the provided token ID is equal to the stored merkleRoot: if (purchaseProof.length == 0) { // Hashes tokenId to verify merkle root if proof is empty if (bytes32(tokenId) != merkleRoot) revert...
Groupbuy: _verifyUnsuccessfulState and _verifySuccessfulState both can return true when block.timestamp == pool.terminationPeriod
Lines of code Vulnerability details Impact The functions _verifyUnsuccessfulState and _verifySuccessfulState should always have a differing behavior with regards to reversion, i.e. when one does not revert, the other should revert. In one condition, this is not true. Namely, when we have pool.succe...
User can provide malicious _market in GroupBuy.purchase to steal funds or NFT
Lines of code Vulnerability details Impact The argument _market of GroupBuy.purchase is not validated. The following call is directly performed on it: address vault = IMarketBuyer(_market).execute{value: price}(purchaseOrder); Then, it is checked that the returned address owns the NFT: if...
Reentrancy in GroupBuy.purchase allows buying NFT twice
Lines of code Vulnerability details Impact In GroupBuy.purchase, poolInfo[poolId].success, which prevents buying the same NFT again, is only set to true after the sale was executed. This can be exploited by reentering in the following line: address vault = IMarketBuyer(_market).execute{value:...
OptimisticListingSeaport: pendingBalances overwritten instead of increased
Lines of code Vulnerability details Impact The functions list and cash overwrite the current value instead of increasing it: pendingBalances[vault][activeListing.proposer] = activeListing.collateral; pendingBalances[vault][activeListing.proposer] = collateral; This can be very problematic because the val...
GroupBuy: Lost ETH when the NFT is bought for less than the minimum reserve price
Lines of code Vulnerability details Impact The purchase function does not require that an NFT is bought for exactly minReservePrices[poolId] * filledQuantities[poolId]; the price is only not allowed to be greater: if (price > minReservePrices[poolId] * filledQuantities[poolId]) revert InvalidPurchase(); This makes...
GroupBuy may purchase NFT not in the allowed list
Lines of code Vulnerability details Impact When purchaseProof.length == 0, GroupBuy.purchase compares the tokenId with the merkleRoot. This allows any tokenId that matches the merkleRoot to be purchased, even if it was not included in the allow list during setup. if (purchaseProof.length == 0) { //...
OptimisticListingSeaport.propose sets pendingBalances of newly added proposer instead of previous one
Lines of code Vulnerability details Impact In OptimisticListingSeaport.propose, pendingBalances is set to the collateral. The purpose of this is that the proposer of a previous proposal can withdraw his collateral afterwards. However, this is done on the storage variable proposedListing after the...
GroupBuy does not check return value of call
Lines of code Vulnerability details Impact Both usages of call do not check if the transfer of ETH was successful: payable(msg.sender).call{value: contribution}(""); ... payable(msg.sender).call{value: balance}(""); This can become very problematic when the recipient is a smart contract that reverts for...
Upgraded Q -> M from #315 [1671270502271]
Judge has assessed an item in Issue 315 as M risk. The relevant finding follows: Lines of code Vulnerability details Description Collateral.sol exposes a permissioned withdraw function: function managerWithdraw(uint256 amount) external override onlyRole(MANAGER_WITHDRAW_ROLE) nonReentrant { if...
Wrong address input in BondNFT.createLock results in wrong _owner being saved in memory
Lines of code Vulnerability details Impact Wrong address input in createLock results in function failure of extendLock and claim. Proof of Concept When someone calls lock in Lock.sol, the function BondNFT.createLock is called: bondNFT.createLock(asset, amount, period, msg.sender);...
safeTransfer should be used instead of transferFrom in winnerClaimNFT
Lines of code Vulnerability details Impact The winner of the raffle may be a smart contract which doesn't handle NFTs, thus leaving the NFT irretrievably lost instead of being awarded to an address which can handle NFTs. Additionally, the NFT should be in the VRFNFTRandomDraw contract at the time...
Compromised or malicious owner of GovNFT contract can call _bridgeMint function on Chain A to block a Governance NFT's holder from bridging such NFT from Chain B to Chain A
Lines of code Vulnerability details Impact After a Governance NFT is minted and transferred to a user on Chain A, this user can bridge it to Chain B. Afterwards, because this NFT is already burned on Chain A, the owner of the GovNFT contract, who can possibly become compromised or malicious, can...
The owner can swap the proxy implementation with a malicious one
Lines of code Vulnerability details The owner of VRFNFTRandomDrawFactory.sol could swap the current implementation with a malicious one at any moment, without a waiting period. Impact The worst case scenario is one in which the private key of the contract owner gets stolen. In this case the owner...
Contract Owner Possesses Too Many Privileges
Lines of code Vulnerability details Impact The owner has many privileges in the contract: setBlockDelay, setAllowedVault, setMaxWinPorcent, setLimitOrdenPriceRange, setFees, setTradingExtension Proof of Concept function setBlockDelay(uint _blockDelay) external onlyOwner { blockDelay = _blockDelay; } /...
Unprotected contract
Lines of code Vulnerability details Impact Anyone can call makeNewDraw and become admin. src/VRFNFTRandomDrawFactory.sol function makeNewDraw(IVRFNFTRandomDraw.Settings memory settings) external returns (address) { address admin = msg.sender; // Clone the contract address newDrawing =...
Generalized frontrunning risk for claiming winnings due to request.currentChosenTokenId being public
Lines of code Vulnerability details Impact The function VRFNFTRandomDraw.sol:fulfillRandomWords called by Chainlink receives an array of random words, and uses it to choose a random offset by which the winning tokenId is selected. The chosen tokenId is stored on the public request variable in the...
INITREFS() COULD BE USED TO OVERWRITE ALL REFERRAL DATA
Lines of code Vulnerability details Impact Although denoted as deprecated, initRefs is readily there in Referrals.sol that could be called by the owner whose private keys might have been compromised to reassign all the referral data. This could impact the referrers specifically who might have...
Error when handling deposit in the addToPosition function
Lines of code Vulnerability details Impact In the function addToPosition from the Trading contract the amount of open fees are handled using the handleOpenFees function but when calling the handleDeposit function the wrong margin is passed, in fact the handleDeposit function gets addMargin - fee...
recoverTimelock can have a value shorter than the winner's deadline to claim
Lines of code Vulnerability details Impact The value of recoverTimelock is checked to be greater than a week and less than a year, but it should never be allowed to be shorter than block.timestamp + settings.drawBufferTime, which is the time given to the winner to claim the NFT. Otherwise it coul...
Error in trade accumulated interest calculation
Lines of code Vulnerability details Impact The trade's accumulated interest may be smaller than expected when long open interest is zero. Proof of Concept function trades(uint id) public view returns (Trade memory) ... int256 pendingFunding; if trade.direction && longOi...... 0 pendingFunding =...
Governance NFT holder, whose NFT was minted before Trading._handleOpenFees function is called, can lose deserved rewards after Trading._handleOpenFees function is called
Lines of code Vulnerability details Impact Calling the following Trading._handleOpenFees function does not approve the GovNFT contract for spending any of the Trading contract's tigAsset balance, which is unlike calling the Trading._handleCloseFees function below that executes...
Wrong value of MONTH_IN_SECONDS could make it impossible to recover NFT in 7 years
Lines of code Vulnerability details Impact Constant MONTH_IN_SECONDS has incorrect value. Instead of 1 month, it has the value of 7 months. // @dev about 30 days in a month uint256 immutable MONTH_IN_SECONDS = 3600 * 24 * 7 * 30; // @audit wrong value, could allow bufferTime and recoverTimelock become too...
Unable to release funds deposited through Lock-extendLock
Lines of code Vulnerability details Impact Users depositing tig assets to the bondNFT through the Lock contract could find themselves unable to release their funds. The only explanation the user would receive is an "Arithmetic over/underflow" error. This issue greatly deteriorates the user...
Might lose manager forever
Lines of code Vulnerability details Impact If the project sets a new manager with a typo, it might lose the manager forever. Proof of Concept function setManager(address _manager) public onlyOwner { manager = _manager; } https://twitter.com/realgmhacker/status/1603362870699429889?s=20&t=vm4wY1ITefLhCW8BDa0oig...
Token decimals may be above 18 leading to underflow issues
Lines of code Vulnerability details Impact In both StableVault and Trading, there is an assumption that token decimal amounts are <= 18. However this can break if token decimals are > 18, resulting in underflow which can lead to unpredictable behaviors, and extreme amounts during deposits and...
Wrong position size calculation in TradingLibrary.pnl()
Lines of code Vulnerability details Impact Users will pay less closing fees than they should when they have a profitable short position. Also, they will pay more fees when they have a losing short position. Proof of Concept TradingLibrary.pnl calculates the new position size as shown below. function...
Weak PRNG
Lines of code Vulnerability details Impact Weak PRNG due to a modulo on block.timestamp, now or blockhash. These can be influenced by miners to some extent so they should be avoided. src/VRFNFTRandomDraw.sol if (settings.recoverTimelock > block.timestamp + MONTH_IN_SECONDS * 12) revert...
Unchecked setters
Lines of code Vulnerability details Impact Incorrect data: If the 'referred' or 'protocol' variables are set to incorrect values, it could result in incorrect or unexpected behavior in the contract. Manipulation: Malicious actors could potentially exploit this vulnerability to manipulate the syst...
LP Rewards can be increased infinitely by a malicious liquidity provider
Lines of code Vulnerability details Impact LP Rewards can be increased infinitely by a malicious liquidity provider Proof of Concept A Bond NFT holder can claim pending rewards from a bond using the function Lock.claim. function claim(uint256 id) public returns (address) { claimGovFees(); (uint amount,...
Wrong calculation of MONTH_IN_SECONDS
Lines of code Vulnerability details Wrong calculation of MONTH_IN_SECONDS: line 33 of VRFNFTRandomDraw.sol is calculating 30 weeks of 7 days instead of 30 days. 30 weeks of 7 days = 3600 * 24 * 7 * 30. 30 days = 3600 * 24 * 30. so and won't work properly
lastResortTimelockOwnerClaimNFT() can retrieve the token although drawing is in progress
Lines of code Vulnerability details Impact The owner can retrieve the token although drawing is in progress. Proof of Concept lastResortTimelockOwnerClaimNFT is described as: "If no users ultimately claim the NFT, the admin specifies a timelock period after which they can retrieve the raffled NFT." But i...
Owner can potentially prevent winner from claiming by starting draw after recover timelock and then calling lastResortTimelockOwnerClaimNFT
Lines of code Vulnerability details Impact The owner can call startDraw at any time, including after the recoverTimelock has expired, which means the owner can call lastResortTimelockOwnerClaimNFT and potentially reclaim the NFT immediately after the draw completes if they do not want the winner ...
Wrong deposit amount in Trading.addToPosition()
Lines of code Vulnerability details Impact Users should deposit the full amount of addMargin, but the fee is deducted first. As a result, users will pay less funds than they should. Proof of Concept In addToPosition, users deposit addMargin - fee after the fee calculation. File:...
The way the winner claiming NFT is vulnerable to flashloan attack.
Lines of code Vulnerability details Impact The way the winner claims the NFT is vulnerable to a flashloan attack. Proof of Concept This kind of attack is similar to the ApeCoin Airdrop attack. To determine who is winning the current drawing, there is a hasUserWon function: function hasUserWon(address user...
LOWER BOUNDARY OF DRAWING TOKEN RANGE IS TOO LOW
Lines of code Vulnerability details Impact The current logic in VRFNFTRandomDraw.sol could lead to undesirable edge cases due to allowing the lower limit of the drawing token range to be as low as 2. It could lead to a long drag before the raffle could end or cancel if one of the drawing tokens i...
TradingLibrary#verifyPrice doesn't check if data is fresh which can lead to costly downtime
Lines of code Vulnerability details Impact verifyPrice may check against stale data causing valid transactions to revert Proof of Concept if (chainlinkEnabled && chainlinkFeed != address(0)) { int256 assetChainlinkPriceInt = IPrice(chainlinkFeed).latestAnswer(); if (assetChainlinkPriceInt != 0) { uint256...
[NAZ-M1] fulfillRandomWords() Must Not Revert
Lines of code Vulnerability details Impact In the current implementation, fulfillRandomWords can revert, which it is not supposed to do. Proof of Concept The Chainlink documentation states: "If your fulfillRandomWords implementation reverts, the VRF service will not attempt to call it a secon...
Delayed contests might be rugpulled by admin
Lines of code Vulnerability details In order to guarantee the raffle NFT will not be stuck in the contract, there's a last resort option which allows the admin to reclaim the NFT from the contract. However, the timestamp from which this action can take place is calculated based on when the...
Not enough margin pulled or burned from user when adding to a position
Lines of code Vulnerability details Impact When adding to a position, the amount of margin pulled from the user is not as much as it should be, which leaks value from the protocol and lowers the collateralization ratio of tigAsset. Proof of Concept In Trading.addToPosition the handleDeposit...