Decimals of the oracle is not checked

Lines of code Vulnerability details Impact Decimals of the Chainlink oracle is not checked, it is assumed to have the same unit as BASECURRENCYUNIT but it might not always be the case. If the oracle use a different number of decimals all the price will be wrong by magnitudes. Proof of Concept...

Router.exactInputInternal doesn't check that swapped amount is same as amountIn provided by user

Lines of code Vulnerability details Impact Router.exactInputInternal doesn't check that swapped amount is same as amountIn provided by user. In case if it's not, then exact function doesn't do what it should. It doesn't trade exact amount of tokens. Proof of Concept If user calls...

Buys and refunds can get stuck forever if the parameters are not set sensibly in the LPDA

Lines of code Vulnerability details Impact In the LPDA contract, there is a function called getPrice which returns the price of one token by taking into account the drop in price per second of the Dutch auction. It basically calculates how much time was elapsed since the start of the sale, to...

NFTFloorOracle price feeders can be removed by anyone

Lines of code Vulnerability details Impact The nfts price feeders in the NFTFloorOracle contract should be added or removed only by the admin but because the removeFeeder function is missing the onlyRoleDEFAULTADMINROLE modifier any user can remove a feeder, this could impact the whole protocol i...

PoolAdmin can steal NFT from NTokens

Lines of code Vulnerability details Impact The executeAirdrop function allow pool admin to execute arbitrary call to arbitrary contract, including a transferFrom call to the underlying NFT contract. This can be used by the pool admin to steal NFT inside the NToken contracts. Since the rescueERC72...

Price can deviate by much more than maxDeviationRate

Lines of code Vulnerability details Description NFTFloorOracle retrieves ERC721 prices for ParaSpace. maxPriceDeviation is a configurable parameter, which limits the change percentage from current price to a new feed update. function checkValidityaddress asset, uint256 twap internal view returns...

Use of payable.transfer() may lock user funds

Lines of code Vulnerability details Impact The use of payable.transfer is heavily frowned upon because it can lead to the locking of funds. The transfer call requires that the recipient has a payable callback, only provides 2300 gas for its operation. This means the following cases can cause the...

MintableIncentivizedERC721 and NToken do not comply with ERC721, breaking composability

Lines of code Vulnerability details Description MintableIncentivizedERC721 implements supportsInterface as below: / @dev See IERC165-supportsInterface. / function supportsInterfacebytes4 interfaceId external view virtual overrideIERC165 returns bool return interfaceId ==...

LPDA sales can potentially have buying function reverting indefinately due to negative price

Lines of code Vulnerability details Impact While i'm assuming there are checks for this on UI or off-chain, this wasn't mentioned in the docs or the comments, so its worth flagging and possibly implementating the mitigation step as a precaution since it is also cheap on gas. The price can...

WPunk will become locked if liquidator ops to receive the underlying token instead of nToken

Lines of code Vulnerability details Impact WPunks received directly as the result of liquidation will be unable to be withdrawn Proof of Concept function withdrawPunkuint256 calldata punkIndexes, address to external nonReentrant INToken nWPunk = INToken Pool.getReserveDataaddressWPunk.xTokenAddre...

LPDA sale getPrice() will be broken after time because of overflow calculation

Lines of code Vulnerability details Impact LPDA sale is stand for “Last Price Dutch Auction”, which means price will drop every second from startPrice. After all NFTs are saled, it will recorded the finalPrice at the time the sale finished with the formula startPrice - dropPerSecond timeElapsed...

Implementation can be self destruct by deployer, effectively break all running sale and lock all assets.

Lines of code Vulnerability details Impact Sale in Escher is deployed using minimal proxy pattern, where there is only 1 implementation contract is deployed to save deployment gas. Also, in Open Edition and FixedPrice sale, when sale is not started yet, owner can cancel it, self destruct the prox...

Fallback oracle is unusable when primary oracle is not updated

Lines of code Vulnerability details Description Paraspace implemented their own Oracle wrapper in ParaSpaceOracle.sol. The important function getAssetPrice is used by many logic functions like health check. function getAssetPriceaddress asset public view override returns uint256 if asset ==...

Anyone can prevent themselves from being liquidated as long as they hold one of the supported NFTs

Lines of code Vulnerability details Contrary to what the function comments say, removeFeeder is able to be called by anyone, not just the owner. By removing all feeders i.e. floor twap price oracle keepers, a malicious user can cause all queries for the price of NFTs reliant on the NFTFloorOracle...

If very few NFTs have been sold saleReceiver will have to buy all remaining NFT to retrieve the contract funds.

Lines of code Vulnerability details Impact If very few NFTs have been sold saleReceiver will have to buy all remaining NFTs if he want to get the funds that he obtained during the mint period. Fortunately, It is still possible to mint NFT after temp.endTime because the following check is not done...

[NAZ-H2] Update Initializer Modifier To Prevent Reentrancy During Initialization

Lines of code Vulnerability details Impact Currently the project uses both : "@openzeppelin/contracts": "4.2.0", "@openzeppelin/contracts-upgradeable": "4.2.0". This dependency has a known high severity vulnerability Deserialization of Untrusted Data Proof of Concept Because of the Deserializatio...

NFTFloorOracle trust feeder without any fallback

Lines of code Vulnerability details Impact In the current design, NFTFloorOracle take the median of valid feeder price as the oracle price. This design can be dangerous if more than half as few as 2 of the feeders decided to collude and publish malicious prices. If they set the price higher, they...

Attacker can manipulate low TVL Uniswap V3 pool to borrow and swap to make Lending Pool in loss.

Lines of code Vulnerability details Impact In Paraspace protocol, any Uniswap V3 position that are consist of ERC20 tokens that Paraspace support can be used as collateral to borrow funds from Paraspace pool. The value of the Uniswap V3 position will be sum of value of ERC20 tokens in it. functio...

NFTs mintable after Auction deadline expires

Lines of code Vulnerability details Impact The buy function on the LPDA.sol contract is not validating if the auction is still running, allowing a purchase to be made after the stipulated time. The endtime variable used to store the end date of the auction is not used at any point to validate...

Some arbitrary feeders will not be removable, even by admin.

Lines of code Vulnerability details Description NFTFloorOracle receives data from different "feeders". They are added using addFeeders and removed by removeFeeder. Feeders are managed by two data structures. feeders is an array, each element in the address of the feeder. feederPositionMap maps...

Pausing assets only affects future price updates, not previous malicious updates.

Lines of code Vulnerability details Description NFTFloorOracle retrieves ERC721 prices for ParaSpace. It is pausable by admin on a per asset level using setPauseasset, flag. setPrice will not be callable when asset is paused: function setPriceaddress asset, uint256 twap public onlyRoleUPDATERROLE...

NFTFloorOracle's asset and feeder structures can be corrupted

Lines of code Vulnerability details NFTFloorOracle's addAsset and addFeeder truncate the assets and feeders arrays indices to 255, both using uint8 index field in the corresponding structures and performing uint8assets.length - 1 truncation on the new element addition. 2^8 - 1 looks to be too tig...

Implementing Security Restrictions and Owner Access Controls on LPDA Smart Contract.

Lines of code Vulnerability details Vulnerability details Impact The new changes to the contract add an additional layer of security and restrict access to certain privileged functions. The buy function now requires that only the owner can purchase tokens, which prevents malicious actors from...

Compromised admin can instantly take all NFTs held in NToken contracts

Lines of code Vulnerability details Description executeAirdrop is a function admin may call in order to collect airdrops for NFTs held in ParaSpace's nToken contract. function executeAirdrop address airdropContract, bytes calldata airdropParams external override onlyPoolAdmin require...

Discrepency in the Uniswap V3 position price calculation because of decimals

Lines of code Vulnerability details Impact When the squared root of the Uniswap V3 position is calculated from the getOracleData function, the price may return a very high number in the case that the token1 decimals are strictly superior to the token0 decimals. See: The reason is that at the...

LPDA price is not calculated correctly such that it won't end at the final price as expected

Lines of code Vulnerability details Impact LPDA price is not calculated correctly such that it won't end at the final price as expected Proof of Concept function getPrice public view returns uint256 Sale memory temp = sale; uint256 start, uint256 end = temp.startTime, temp.endTime; if...

The LPDA will keep minting NFTs after the endTime

Lines of code Vulnerability details Impact The users would keep minting from LPDA even if the end time was reached Proof of Concept Please copy the following test on LPDA.t.sol import IEscher721 from "../src/interfaces/IEscher721.sol"; function testRevertsWhenEndedBuy public testBuy; // the testB...

Bad debt will likely incur when multiple NFTs are liquidated.

Lines of code Vulnerability details Description getUserBalanceForERC721 in GenericLogic gets the value of a user's specific ERC721 xToken. It is later used for determining the account's health factor. In case isAtomicPrice is false such as in ape NTokens, price is calculated using: uint256...

Users will get a low amount of NFT if they try to buy a lot of them

Lines of code Vulnerability details Impact If user calls buyamount with a value larger than uint48 it will overflow during casting identical to amount = amount % typeuint48.max and cause unexpected behavior for the user. When a user pays a lot of money for a large amount of NFT, but instead they...

Wrong logic in function _removeFeeder() cause feeders unable to be removed.

Lines of code Vulnerability details Impact In NFTFloorPrice, there are multiple components to allow easy adding/removing keepers address public feeders - List of all keepers' address mappingaddress = FeederPositionindex, register private feederPositionMap When adding new keeper, new keeper addres...

Buy can be executed after sale end

Lines of code Vulnerability details Impact In LPDA.sol buy function when all tokens are minted, the final price is set and the ether from the sale and fee is sent to the saleReceiver and feeReceiver addresses. Since there is no check to validate if sale has ended the function can be executed with...

LAST PRICE DUTCH AUCTION SALE (LPDA) CAN BE EXPLOITED

Lines of code Vulnerability details Impact The function logic of buy in LPDA.sol can be exploited by shrewd buyers to achieve the lowest finalPrice possible. Proof of Concept LPDA.solL58-L89 function buyuint256 amount external payable uint48 amount = uint48amount; Sale memory temp = sale;...

THE FUNCTION LOGIC OF _REMOVEFEEDER() IS FLAWED

Lines of code Vulnerability details Impact When the admin calls removeFeeder, it will internally call removeFeeder that will have the feeder removed from feeders before getting its UPDATEROLE revoked. In the midst of doing this, the protocol forgets to update index of feederPositionMap belonging ...

Artist will never get their payout for their NFT in FixedPrice and OpenEdition

Lines of code Vulnerability details Impact There is no logic for transferring Ether that artist gain from their NFT sales in both FixedPrice and OpenEdition contracts. For these 2 contracts there is only logic for transferring 5% fee to the protocol. Therefore, artist will gain nothing from selli...

Oracle does not treat upward and downward price movement the same in validity checks, causing safety issues in oracle usage.

Lines of code Vulnerability details Description NFTFloorOracle retrieves ERC721 prices for ParaSpace. maxPriceDeviation is a configurable parameter, which limits the change percentage from current price to a new feed update. We can see how priceDeviation is calculated and compared to...

Not possible to finish LPDA after endTime

Lines of code Vulnerability details Vulnerability details The only way to finish the sale is when newId == temp.finalId, making not possible to finish LPDA even if the endTime is already over POC There isn't any function to finalize the LPDA sale even if already finished the sale, the only way to...

overflow in buy function

Lines of code Vulnerability details Impact the function doesn't check if the input is more the supply Proof of Concept the function doesn't have any condition check of amount Tools Used manually Recommended Mitigation Steps check the input for maximum or requirement for max supply --- The text wa...

wrong configuration can lock eth in LPDA contract forever

Lines of code Vulnerability details When creating an LPDA auction there are some sanity checks of the values used for the auction. But there is no check that the auction will not cause the price calculation to underflow after a while. This calculation of the price can underflow in getPrice in...

Denial of Service on the LPDA.sol contract due to incorrect validation of parameters.

Lines of code Vulnerability details Impact The impact is that the contract will be on Denial Of Service, not allowing anyone to get ether out, neither the creator or people via refund. Proof of Concept The functions buyuint256 amount and refund of the LPDA.sol contract both call the function...

Update initializer library to prevent reentrancy during initialization

Lines of code Vulnerability details Since proxied contracts do not make use of a constructor, it's common to move constructor logic to an external initializer function, usually called initialize. It then becomes necessary to protect this initializer function so it can only be called once. The...

In Escher721Factory.createContract any address can be provided as _uri for cloning

Lines of code Vulnerability details Impact The Escher721Factory.createContract function accepts any address as the uri parameter. This parameter is used to clone the uri contract, the address of the new clone is then passed to the Escher721.initialize function. The contract should verify the...

Anyone can remove feeders from NFTFloorOracle.

Lines of code Vulnerability details Impact There is no onlyRole modifier in removeFeeder, so anyone can remove feeders from NFTFloorOracle, and it will cause a DOS attack. Proof of Concept function removeFeederaddress feeder external onlyWhenFeederExistedfeeder //@audit no modifier...

call() should be used instead of transfer() on an address payable

Lines of code Vulnerability details Impact call should be used instead of transfer on an address payable Proof of Concept The use of the deprecated transfer function for an address will inevitably make the transaction fail when: 1. The claimer smart contract does not implement a payable function...

Denial of Service at the LPDA.sol contract due to not be capable of minting an id already minted.

Lines of code Vulnerability details Impact The ether earned by the creator and the fees for the platform can get frozen. Proof of Concept The only way the creator can get out the ether earned by the sale and also the platform to get the feest is by the next code snippet from the buy funtion at th...

LPDA can be initialized with parameters that will revert getPrice()

Lines of code Vulnerability details Impact LPDA Sales can start reverting the buy and refund functions at some point of time if initialized with incorrect parameters revert happens at getPrice function. Users might not be able to withdraw their excess balance using refund function if getPrice...

There isn't an end time on FixedPrice and LPDA sales, and the sale can't be canceled after the sale start.

Lines of code Vulnerability details Impact The sale can't be canceled after the sale start. Moreover, the sale won't end, which contradict the fact that typical NFT sales nowadays have an end time. Even your OpenEdition have an end time. Proof of Concept struct Sale // slot 1 uint48 currentId;...

double user token spending in function executeBuyWithCredit() contract transfer user wETH fund for wETH orders even when user send payment as ETH to contract and contract converted it to wETH (_depositETH() and _delegateToPool() takes user funds when user sends ETH and tries to buy WETH order)

Lines of code Vulnerability details Impact when user wants to buy NFT tokens with wETH asset, and he/she sent ETH to executeBuyWithCredit or executeBatchBuyWithCredit, code would take user tokens two times, one as ETH token in depositETH and one as wETH tokens in delegateToPool so users would pay...

Users can lose funds if they call buy with _amount larger than type(uint48).max.

Lines of code Vulnerability details Impact The function buy take amount of type uint256 as input. amount is used to check if msg.value is correct depending on the sale price as follows: requireamount sale.price == msg.value, "WRONG PRICE"; but is not casted to uint48 as done to calculate the newI...

Ether can be lost in LPDA contract if sale.dropPerSecond is set improperly

Lines of code Vulnerability details Impact Function createLPDASale requires only sale.dropPerSecond 0 but if sale.dropPerSecond sale.startPrice / sale.endTime - sale.startTime function getPrice will revert except the case when all editions are sold before reaching negative price. Therefore, the b...

Lack of verification for _uri parameter in createContract() function in Escher721Factory contract

Lines of code Vulnerability details Impact The impact of this vulnerability is that an attacker could potentially manipulate the token URI for any given token ID in the Escher721 contract created by the Escher721Factory contract. This could potentially allow the attacker to trick users into...