Attackers can obtain rewards through the NFT of the flash loan winning ID
Lines of code Vulnerability details Impact The contract judges whether the user has won a prize, but only judges whether the owner of the nft with the specified ID is equal to the user's address user == IERC721EnumerableUpgradeable(settings.drawingToken).ownerOf(request.currentChosenTokenId); But i...
Function fulfillRandomWords in VRFNFTRandomDraw contract must not revert
Lines of code Vulnerability details The VRFNFTRandomDraw contract implements the Chainlink VRF feature to pull random data to select the raffle winner. As per their security guidelines the implementation of the fulfillRandomWords function must not revert. Impact If the fulfillRandomWords function...
Raffle is fair only if tokenRange is a power of 2.
Lines of code Vulnerability details Impact Based on the contract logic, the raffle works by sampling a value $x \in \mathbb{Z} \mid 0 \leq x < 2^{256}$ aka uint256 from a uniform distribution provided by Chainlink VRF, then applying modulo tokenRange, generating a new value $y \in \mathbb{Z} \mid 0 \leq...
Frontrunning the winnerClaimNFT is possible
Lines of code Vulnerability details Impact The winner in the NFT raffle may be frontrun if he has listed his NFT for sale on a marketplace, stealing his raffle NFT. Proof of Concept A new VRFNFTRandomDraw Clone contract is deployed using makeNewDraw, with some NFT collection as drawingToken and...
Ignored return value from "IERC20.transferFrom()"
Lines of code Vulnerability details Impact The return value from IERC20.transferFrom in "StableVault" was not checked; a malicious actor could first deposit a number of tokens without actually having them and then subsequently withdraw that amount of tokens from the "StableVault" Proof of Concept...
Winning NFT owner/admin can rug pull attack or DoS attack on winner by removing the winning NFT.
Lines of code Vulnerability details Impact Given the current logic, it is possible to call the redraw method even after recoverTimelock has passed. If the owner does so, the contract will select a new winner for the winning NFT. But it will be up to the owner to give as much time to the winner to...
Distribute is open to rewards manipulation
Lines of code Vulnerability details Impact The distribute function is prone to manipulation by the first depositor if the totalShares is low, since the result of transferFrom in distribute is not checked. This can happen if a malicious user calls createLock whereby shares = 1 then calls distribut...
Lack of validation on price feeds
Lines of code Vulnerability details Impact Lack of validation on Chainlink price feeds may result in incorrectly functioning or non-functioning protocol. For example: during high volatility a price feed may be suspended or become stale; on L2 networks the sequencer might be down on L2 networks th...
Wrong update of stoploss in TradingExtension._limitClose()
Lines of code Vulnerability details Impact TradingExtension.limitClose returns a wrong stoploss which is favorable for users and it would be a significant loss for the protocol. Proof of Concept TradingExtension.limitClose is used to set takeprofit/stoploss prices for the pending order and execut...
Pool with any fee tier can be created
Lines of code Vulnerability details Impact Pool with any fee tier can be created Proof of Concept There is a section in this medium: In Fee Structure: Maverick AMM supports initializing pools with arbitrary fee rates, but it is expected that LPs will choose from one of the following "standard" fe...
Lack of access control in AllowedMsgSenders contract.
Lines of code Vulnerability details Impact setAllowedMsgSenders lacks access control. This enables anyone to set themselves as an allowed message sender and call the send in tokenSender.sol to transfer out any amount bypassing all the checks imposed in the hooks. Proof of Concept...
Admin may take non-fee baseTokens from Collateral.sol
Lines of code Vulnerability details Description In Collateral.sol, deposit and withdraw functions are subject to fees. They are either sent directly to the treasury in deposit / withdraw hooks, or are kept in the Collateral contract for safekeeping. Later, manager can use managerWithdraw function...
An operator can bypass the withdrawal limits
Lines of code Vulnerability details Impact An operator can bypass the withdrawal limits if he withdraws when the lastUserPeriodReset + userPeriodLength or lastGlobalPeriodReset + globalPeriodLength is less than the block.timestamp. This causes a DoS as well since globalAmountWithdrawnThisPeriod...
Pool._amountToBin() returns a wrong value when protocolFeeRatio = 100%.
Lines of code Vulnerability details Impact Pool.amountToBin returns a larger value than it should when protocolFeeRatio = 100%. As a result, bin balances might be calculated wrongly. Proof of Concept delta.deltaInBinInternal is used to update the bin balances like this. if (tokenAIn) binBalanceA +=...
Anyone can set the accountList object
Lines of code Vulnerability details Impact The setAccountList function, which is the function responsible for setting the account list object, is made public with no access control on the AccountListCaller contract. Proof of Concept truffle console --networkId 555 compile attacker = "choose...
Redeem should revert if the TokenSender.sol doesn't have enough outputToken to reimburse to users.
Lines of code https://github.com/prepo-io/prepo-monorepo/blob/49a7ed94272db013245d9364e69be713a8aef0a2/apps/smart-contracts/core/contracts/TokenSender.sol#L41 Vulnerability details According to the comments in the code of the RedeemHook.hook function: Once a market has ended, users can directly settl...
depositAndTrade::exactInputSingleParams the possible return values not checked
Lines of code Vulnerability details Impact The return values from collateral.deposit and collateral.transferFrom are not used. This means that the values returned by those functions will not be stored or used in the code. The swapRouter.exactInputSingle function also likely returns no value, ...
Pool prices can be greatly skewed and exploited
Lines of code Vulnerability details Impact Token prices in the pool can be manipulated and set to values with great deviation from its originally intended ratio right after the pool has been created. With all key parameters already initialized at the constructor, liquidity in the pool is deemed...
Irrelevant error message from PrePOMarket.redeem() worries users
Lines of code Vulnerability details Impact Users may receive error messages fee = 0 whenever making a redemption from PrePOMarket contract if the redemption amount is not enough. The error message is irrelevant to users. It's related to the protocol processing the redemption. If a user receives...
Router can perform swaps, add/remove liquidity to pools that do not belong to the protocol.
Lines of code Vulnerability details Impact Users can lose their funds PoC In UniswapV3 decodeFirstPool returns the tuple (address tokenOut, address tokenIn, uint24 fee). From there it looks up the corresponding pool address with getPool(tokenIn, tokenOut, fee) which may not exist. See However, in you...
Pool.sol : Lack of slippage protection for swap
Lines of code Vulnerability details Impact Due to lack of slippage protection, users may suffer and incur loss of funds in adverse conditions. Proof of Concept The swap function is used to swap one token for another token. While the swap function has a check to ensure exactOutput, it does not have...
Ability to redeem excess collateral
Lines of code Vulnerability details redeem of PrePOMarket.sol redeems long and short tokens in exchange for collateral tokens. Long and short tokens are default ERC20 tokens with 18 decimals, while the collateral ERC20 token uses the decimals of the underlying base token. Th...
Owner can rug PrePOMarket using re-initialized finalLongPayout.
Lines of code Vulnerability details Description In PrePOMarket.sol, the finalLongPayout represents the finalized value of a single long token in the market. It is settled post ICO / IPO according to predetermined rules. The issue is that this value may be re-initialized as many times as owner...
Storage collision in Collateral.sol
Lines of code Vulnerability details Collateral.sol is an upgradeable contract. Upgradeable contracts should not use the constructor to initialize variables, as these will be set in the contract storage of the implementation contract, instead of the intended contract storage ...
Users can get free collateral when using non-reverting on failure baseTokens
Lines of code Vulnerability details Impact A user calling Collateral's deposit function when baseToken is a non-reverting on failure ERC20 token, can get an arbitrary amount of collateral without actually depositing a single base token in the contract. function deposit(address recipient, uint256...
Unlimited Global & User Withdrawal right after previous period ends and new period begins
Lines of code Vulnerability details Impact Checks for Global and User Withdraw Limit Per Period are missing for the first withdrawal request right AFTER period length expires and a new period begins. First withdrawal request amount after period length expires can be way higher than...
Deposit record does not update properly for withdrawals
Lines of code Vulnerability details Impact A side effect of calling deposit in the Collateral contract is that the userToDeposits map in the DepositRecord contract is updated. However, when the user withdraws funds, this userToDeposits map is not updated to reflect their total deposited amount. T...
TWA update is not correct
Lines of code Vulnerability details Impact The TWA (time-weighted average) price is updated incorrectly and this affects moving bins. Proof of Concept The protocol updates twa on every swap and uses that to decide how to move bins. But in the function swap, the delta's endSqrtPrice can not contribute negatively to t...
Pool creator can manipulate the price whatever they want
Lines of code Vulnerability details Impact Pool creator can manipulate the price however they want; users who are not aware of this may swap at a suboptimal price. Proof of Concept When a pool is created using the factory, the creator needs to supply a few parameters: function create(uint256 fee, uint2...
User's funds lock and incorrect code behavior because users' withdrawal amounts won't get reset for all users in each userPeriodLength in WithdrawHook contract
Lines of code Vulnerability details Impact According to the comments in code: "Every time userPeriodLength seconds passes, the amount withdrawn for all users will be reset to 0". But in the current implementation only one user's userToAmountWithdrawnThisPeriod value gets reset and this will...
MintHook doesn't allow users with NFT score requirement to mint
Lines of code Vulnerability details Impact The depositHook contract checks that users are allowed to deposit either if they are on the allow list or if they have the required NFT score: if (!accountList.isIncluded(sender)) require(satisfiesScoreRequirement(sender), "depositor not allowed"); However, once...
Overflow in BinMap can break pool
Lines of code Vulnerability details Impact The BinMap library performs multiplication on int32 values that can potentially overflow and cause the corresponding function calls to revert. The functions in question are used by essential Pool methods such as Pool.addLiquidity or Pool.swap and an...
Use wrong reserve values in Pool.addLiquidity()
Lines of code Vulnerability details Impact When doing Pool.addLiquidity, it would call bin.addLiquidity to add liquidity to the bins. And the calculation in bin.addLiquidity should be based on the amount of new tokens and the bin's existing reserves. However, Pool.addLiquidity uses temp.deltaA an...
A whale user is able to cause freeze of funds of other users by bypassing withdraw limit
Lines of code Vulnerability details Description In Collateral.sol, users may withdraw underlying tokens using withdraw. Importantly, the withdrawal must be approved by withdrawHook if set: function withdraw(uint256 amount) external override nonReentrant { uint256 baseTokenAmount = amount...
Insufficient support for fee-on-transfer type of ERC20
Lines of code Vulnerability details Some ERC20 token implementations have a fee that is charged on each token transfer. This means that the transferred amount isn't exactly what the receiver will get. A call to IERC20(token).transfer(recipient, 100) with a fee-on-transfer (FOT) of 5% will entitle the...
Long and short tokens can continue to be minted even after expiry
Lines of code Vulnerability details Impact Users can mint after expiry but before the final price has been set Proof of Concept function mint(uint256 amount) external override nonReentrant returns (uint256) { require(finalLongPayout > MAX_PAYOUT, "Market ended"); require(collateral.balanceOf(msg.sender) >=...
Unsafe downcasting in TWA.sol truncate TWAP price
Lines of code Vulnerability details Impact Unsafe casting operation in TWA.sol truncates the price. Proof of Concept The pool relies on the TWAP price to function properly; however, the code in TWA.sol silently downcasts the price, which can truncate the price and affect users' trading unexpectedl...
Infinite approval given to DepositTradeHelper contract can be misused by malicious actors
Lines of code Vulnerability details Impact depositAndTrade function in DepositTradeHelper account has infinite approval to spend baseTokens & collateralTokens of user using offChain signatures. However, once swapRouter executes UniV3 swap transaction on line 33, the contract does not give up its...
Liquidity cannot be removed by an approved address via Router
Lines of code Vulnerability details Impact Using the Router, liquidity can only be removed by the owner of an NFT, which significantly limits liquidity management. The Pool contract, however, does allow approved addresses to remove liquidity. Proof of Concept The Router contract is a higher level...
Pool calls to toScale can revert
Lines of code Vulnerability details Pool calls to toScale can revert Impact A division by 0 would revert the code. If a wrong value is assigned in the constructor to tokenAScale or tokenBScale, toScale calls would always revert. Proof of Concept constructor(uint256 fee, uint256 tickSpacing, int32...
Attacker can set anyone as the tokenSender role
Lines of code Vulnerability details Impact The setTokenSender function, which is the function responsible for setting the token sender role, is made public with no access control, which lets an attacker escalate their privileges to the token sender role Proof of Concept truffle console --networkId 5...
Aggregated reserve amounts should be used instead of the first valid tick liquidity
Lines of code Vulnerability details Impact Liquidity can be biased on a specific side (quote vs base) and it is even possible a liquidity provider gets more LP tokens. Proof of Concept According to the PDF document provided, the number of LP tokens newSupply is calculated using the Table 1 as below...
Mint might result in too few tokens minted
Lines of code Vulnerability details mint of PrePOMarket.sol allows the team to mint new short and long tokens in exchange for collateral tokens. Long and short tokens are default ERC20 tokens with 18 decimals, while the collateral ERC20 token uses the decimals of the underlying base token. Howeve...
Protocol is not able to account for baseTokens generating yield
Lines of code Vulnerability details Impact The protocol's logic is based on the assumption that, while deposited, the underlying baseTokens will generate yield, which accrues to the Traders holding Collateral Tokens. However, there is no mechanism in Collateral.sol to allow it to account for this...
Broken access control on TokenSenderCaller contract
Lines of code Vulnerability details Impact The setTreasury function, which is the function responsible for setting the treasury role, is made public with no access control, which lets an attacker escalate their privileges to treasury Proof of Concept truffle console --networkId 555 compile user =...
Incompatibility With Rebasing/Deflationary/Inflationary tokens
Lines of code Vulnerability details Impact The Maverick AMM does not appear to support rebasing/deflationary/inflationary tokens whose balance changes during transfers or over time. The necessary checks include at least verifying the amount of tokens transferred to contracts before and after the...
Wrong variable is used for the first parameter of depositHook.hook()
Lines of code Vulnerability details Impact Recipient is treated wrongly as sender. Proof of Concept As written here (see DepositHook.sol#L43-L52), the first accepted parameter should be the sender. However, recipient (see Collateral.sol#L53) is passed in here. Tools Used Manual Recommended Mitigation...
Merged status is not updated and bins are not reset.
Lines of code Vulnerability details Impact Bins are not removed while removing liquidity and this can lead to serious problems. Proof of Concept While removing liquidity, if the target bin is a merged one (mergeId != 0), the protocol does further calculations regarding mergeBinBalance. // Bin.sol 126...
There is no option to cancel an EMERGENCY mode.
Lines of code Vulnerability details Impact There is no option to cancel an EMERGENCY mode in the pool. Once the pool is in an EMERGENCY mode, the pool can't work as normal forever. Proof of Concept The pool can be changed to an EMERGENCY mode by adminAction. function adminAction(uint256 action,...
function mint() in PrePOMarket shouldn't accept deposits after expiryTime of Market
Lines of code Vulnerability details Impact Function mint mints Long and Short tokens in exchange for amount collateral and, according to the comment in the IPrePOMarket: "Minting is not allowed after the market has ended." But there is no check or restriction in the code to make sure minting ...