Cannot withdraw 1:1

Lines of code Vulnerability details function testX public uint256 mintAmount = 10e18; NOTE.mintalice, mintAmount; vm.startPrankalice; NOTE.approveaddressasdToken, mintAmount; asdToken.mintmintAmount; uint256 newExchangeRate = 1.1e28; cNOTE.setExchangeRatenewExchangeRate; vm.startPrankowner;...

There is potential underflow and overflow issues in arithmetic operations in the _getRewardsSinceLastClaim function

Lines of code Vulnerability details Impact There are potential underflow and overflow issues in arithmetic operations. Not being able to verify that subtracting lastClaimedValue from shareDataid.shareHolderRewardsPerTokenScaled would result in a negative value. This could lead to affecting the...

Incorrect fee splitting logic

Lines of code Vulnerability details Impact The fee splitting logic does not properly attribute holder and creator rewards. By splitting fees from the total rather than incrementally, it distorts the proportional rewards earned over time. This could undermine the incentive structures and alignment...

Creator can earn holder fee

Lines of code Vulnerability details Impact Creator can earn creator and holder as well. Proof of Concept In market.sol contract there is a buy function which cannot be used by creator of share. requireshareDataid.creator != msg.sender, "Creator cannot buy"; However, it's still possible for creato...

Unhandled contract ownership states can lead to unexpected behaviour

Lines of code Vulnerability details Impact OpenZeppelin's Ownable2step library's ownership states can lead unexpected behavior in certain functions Proof of Concept The ownable2step contract includes a pendingOwner entity which defines an address ownership has been transferred to but has not...

Not enough check for getPriceAndFee

Lines of code Vulnerability details Impact Edge cases for getPriceAndFee can cause incorrect price to be returned and in turn cause incorrect tokens to be sent to the user. This can occur in the buy and sell function. Proof of Concept In the buy function the function getBuyPrice is called through...

initialization of amount without permission

Lines of code Vulnerability details Impact if users want to pass the input value as 0 which user can pass because there is no require checks for that. in line number 79 amount = maximumWithdrawable this override the amount variable and make it equals to uint256 maximumWithdrawable =...

asD.sol::mint & asDFactory.sol::create allows an attacker to mint legitimate aSD with counterfeit underlying $NOTE

Lines of code Vulnerability details Impact When creating an aSD token using create from the asDFactory.sol, there's the cNote address reference to specify and set. A malicious user can deploy a counterfeit NOTE underlying token that isn't legit or backed by anything and set/reference it as...

First deposit of 1 Wei will block further rsETH minting

Lines of code Vulnerability details Impact If the initial deposit in the DepositPool is 1 wei of any supported token rETH, cbETH, or stETH, 1 wei of rsETH will be minted for the first depositor. However, subsequent rsETH minting will be prevented because the rsethAmountToMint will always round do...

Saving balance of token in variable can lead to wrong amount transfer or failure

Lines of code Vulnerability details Impact Saving contract balance into variable will result in wrong price being transferred using the depositIntoStrategy method which will cause the transfer to fail if balance is less than transferred and wrong amount transferred if amount increases. Proof of...

rsETH can return incorrect price because of future EigenLayer strategies

Lines of code Vulnerability details Impact How currently rsETH price is calculated? totalEthLocked is divided by rsETH supply. How totalEthLocked is calculated? It sums 3 amounts per every asset: 1 balance of LRTDepositPool.sol, 2 balance of all node delegators, 3 already deposited amount of asse...

Attacker can Grief The Call to depositAsset Making It Impossible For The Victim To Deposit

Lines of code Vulnerability details Impact The attacker can grief the victim , making him unable to deposit asset into the pool. Proof of Concept The attack flow is as follows - Alice decides to deposit assets into the LRTDepositPool.sol , she calls depositPool here At L152 the function makes the...

getAssetPrice in ChainlinkPriceOracle.sol can return stale price.

Lines of code Vulnerability details Summary On chainlink oracle for every pair of tokens price updating time is different. After that particular time the price will be updated. getAssetPrice function is not checking when the last time the price was updated. So it may return stale price . So the...

DepositPool is susceptible to the inflation attack

Lines of code Vulnerability details Summary The DepositPool contract is susceptible to the Inflation Attack, in which the first depositor can be front-runned by an attacker to steal their deposit. Impact The DepositPool pool contract acts mainly as a vault: accounts deposit LST assets and get bac...

Missing pause checks in LRTOracle

Lines of code Vulnerability details Summary The LRTOracle oracle provides functionality to pause the contract but no restrictions are applied when the contract is in a paused state. Impact Similar to the other contracts in the protocol, the LRTOracle contract offers pausing functionality: 101: //...

The staker could silently lose all their previously deposited assets when revert TokenTransferFailed() is called

Lines of code Vulnerability details Impact The staker could silently lose all their deposited assets in the NodeDelegator.sol function when they time to transfer their assets. This could happen when the staker owns assets in the Eigen but it is not enough to be transferred when the calculated...

Precision loss in getRSETHPrice

Lines of code Vulnerability details Impact Precision loss and return zero price by Oracle Proof of Concept Since the value of staked ether increases, the price of RSETH goes above ETH price and leads to a precision loss in the getRSETHPrice function of the oracle, and RSETH price becomes zero...

Missing check on deposited amount

Lines of code Vulnerability details Impact depositAsset transfers tokens from the sender without checking that the amount was indeed received. If the protocol were to accept other tokens than stETH, rETH, and cbETH, there is a possibility that some of the newly accepted tokens have custom ERC20...

ChainLink's latestAnswer is deprecated

Lines of code Vulnerability details Impact Chainlink's documentation indicates that the latestAnswer function is deprecated. This function lacks reversion if no answer is obtained, instead returning 0. Additionally, the reported latestAnswer varies with 18 decimals for some token quotes and 8...

No slippage and / or deadline protection in depositAsset()

Lines of code Vulnerability details Proof of Concept The function depositAsset allows a user to deposit a specific amount of any supported token and, in return, receive a specific amount of rsETH. This amount of rsETH is calculated by dividing the total value of deposited assets in ETH by the pri...

Deriving the price with balanceOf() is dangerous

Lines of code Vulnerability details Impact Deriving the price with balanceOf is dangerous as it can easily be manipulated by direct transfers. Proof of Concept In the getAssetDistributionData function, the asset lying in the LRTDepositPool is retrieved using balanceOfaddressthis:...

Users could game oracle price deviation

Lines of code Vulnerability details Summary Prices returned from Chainlink oracles have different conditions to update the reported values, which can be abused by Impact Prices for the different LST assets supported in the Kelp protocol are obtained from a Chainlink oracle. The data feeds for eac...

Decimal Precision Issue in Price Calculations

Lines of code Vulnerability details Impact The getRSETHPrice function perform calculations like multiplying prices by amounts without considering the token decimals. This can cause errors to accumulate over multiple calculations. Ignoring token decimals when performing price calculations can caus...

Use contracts-upgradeable instead of contract variants of OpenZeppelin

Lines of code Vulnerability details Impact OpenZeppelin’s contracts variants when used with upgradeability will result in negative impact on the overall contract functionality. Check this OpenZeppelin warning about mixing contract variants with upgradeable-contract. Proof of Concept Upgradeable...

Missing slippage check in deposit function

Lines of code Vulnerability details Summary Users depositing in the protocol have no control over the amount of RSETH minted in return for their deposit. Impact The depositAsset function present in the LRTDepositPool contract allows users to deposit any of the supported assets into the protocol i...

Too small deposits will result in no rsEth mint for the

Lines of code Vulnerability details Impact User will get nothing if the deposit amount is too small . Proof of Concept The getRsETHAmountToMint is for getting the conversion rate of asset to rsEth . /// @return rsethAmountToMint Amount of rseth to mint function getRsETHAmountToMint address asset,...

Deposit into strategy could be blocked by limits in EigenLayer

Lines of code Vulnerability details Summary The implementation of depositAssetIntoStrategy deposits the entire balance of the node delegator which could conflict with the max limits per deposit defined in EigenLayer. Impact NodeDelegator are responsible for managing assets in EigenLayer. The...

First depositor will get twice more minted token for the same amount deposited

Lines of code Vulnerability details Impact The initial depositor stands to gain an unfair amount of RSETH tokens compared to later depositors, as a result of the fixed exchange rate of 1 ether when no RSETH supply exists i.e., no minted tokens are available. Consequently, the first deposit will...

getRSETHPrice formula is wrong

Lines of code Vulnerability details Impact While auditing the getRSETHPrice function i've indicated a dynamic but non-linear relationship between the supply of the RSETH token and its price.An increase in RSETH supply is associated with an increase in the price of RSETH. Proof of Concept Let's...

Funds cannot be withdrawn from EigenLayer

Lines of code Vulnerability details Impact NodeDelegator contracts handle depositing LSTs into EigenLayer to earn yield. However the contract lacks functions to withdraw those tokens afterwards, meaning they will become trapped in the EigenLayer protocol. This breaks the functionality of the...

The rsETH price can be manipulated easily when the deposit is low

Lines of code Vulnerability details Impact The rsETH price can be manipulated easily when the deposit is low, since the price is relies on the contracts' balance. Proof of Concept The rsETH's price is calculated by $\fractotalassetvaluetotalsupply$, and when supply is zero, the price will be 1...

getRSETHPrice() of LRTOracle.sol will return 0 totalETHInPool is less than rsEthSupply.

Lines of code Vulnerability details Summary If totalETHInPool is less than rsEthSupply then getRSETHPrice will return 0 as price of rsEth in Eth. It will result in reverting when depositAsset of LRTDepositPool.sol is called. Because getRsETHAmountToMint will revert when rsEth price is 0 and it is...

Potential arbitrage opportunity

Lines of code Vulnerability details Impact According to the logic of the protocol , minted tokens can be swapped on AMMs. This is a serious problem as prices on AMMs follow a bonding curve that are independent from the Chainlink pricing feed. This will create arbitrage opportunities for hackers t...

Staleness Vulnerability in chainlinkAdaptor's getAssetPrice function

Lines of code Vulnerability details Impact The current implementation of the getAssetPrice function in the chainlinkAdaptor contract lacks a crucial check for the heartbeat of the data feed, introducing a potential risk of consuming stale data. This issue is exacerbated by the fact that different...

Intrinsic arbitrage between assets due to price feed deviation threshold

Lines of code Vulnerability details Impact Withdrawals have not yet been implemented but I assume it will be implemented in the usual way such that the fraction of total supply of rsETH a user redeems gives him an equal fraction of total assets held, i.e. received = sharesToRedeem totalAssets /...

Upgraded Q -> 2 from #481 [1700080840600]

Judge has assessed an item in Issue 481 as 2 risk. The relevant finding follows: A blocked/sanctioned account can still received interest --- The text was updated successfully, but these errors were encountered: All reactions...

User can not receive own assets back

Lines of code Vulnerability details Impact The user has the opportunity to deposit tokens, but does not have the opportunity to withdraw them back. Consequently, his tokens will be locked in the contract and he will not be able to take them back. Yes, the contract is upgradable - but this does no...

The initial deposit of an asset will always fail due to the fact that getTotalAssetDeposits() returns 0.

Lines of code Vulnerability details Impact The LRTDepositPooldepositAsset function is employed for users to deposit supported assets. This function relies on LRTDepositPoolgetTotalAssetDeposits to determine the amount of rsETH to be minted. However, the absence of initial deposits in the...

Precision loss in getRsETHAmountToMint

Lines of code Vulnerability details Impact users may lose their assets Proof of Concept The price of rsETH increases against ETH price, this leads to precision loss in getRsETHAmountToMint. Consider a scenario that one rsETH worth 10 ETH; now if a user tries to deposit 9 ETH he losses assets due ...

latestRoundData recommendation does not have consideration for stale price

Lines of code Vulnerability details Impact The issue is highlighted in the bot L-2 finding but fail to highlight the importance for checking stale price. The ChainlinkPriceOracle when calls out to a Chainlink oracle receiving using the recommended latestRoundData it can get stale price, if there ...

Malicious first depositor can steal all funds from all future depositors

Lines of code Vulnerability details Impact Due to a miscalculation in LRTOraclegetRSETHPrice, users who call LRTDepositPooldepositAsset when rsETH.totalSupply is non-zero will receive fewer rsETH tokens than they should due to a rounding error. This can be exploited by a malicious first depositor...

Fractional shares are not respected

Lines of code Vulnerability details Impact getRSETHPrice will return the rate at which RSETH are being minted as to maintain each user stake in balance. Goal is to maintained fractional shares. However, since users are expected to swap on external AMMs, the fractional share will not be kept as AM...

Missing sanity checks in Chainlink response

Lines of code Vulnerability details Summary Chainlink responses from price feeds are being used without any sanity checks. Impact The ChainlinkPriceOracle contract is used to interface with the Chainlink price feeds for the different LST assets in scope in the protocol. The current implementation...

The deposited amount is included in how rsEthAmountToMint is calculated and it should not. Second depositors get less rsETH shares than deserved.

Lines of code Vulnerability details Impact All deposits, starting with the second one, incur a loss in the received rsETH amount. Proof of Concept LRTDepositPool::depositAsset helps users to stake LST in exchange for rsETH shares. First the LST is transferedFrom user to depositPool and rsETH is...

Biased rsETH price calculation in depositAsset results in lesser rsETH minted to user

Lines of code Vulnerability details Impact The LRTDepositPool acts as a simplified vault allowing restakers to transfer their liquid staked tokens and receive rsETH tokens based on the current rsETH exchange rate. rsETH are minted to user by interacting with depositAsset function of LRTDepositPoo...

Mint amount calculation in deposit is incorrect

Lines of code Vulnerability details Summary The calculation in the deposit function of the DepositPool contract is flawed as it factors the deposited amount into the RSETH price to calculate the amount to mint. Impact When a user deposits in the DepositPool contract, the amount of RSETH to mint i...

No slippage control on deposit of LRTDepositPool.sol

Lines of code Vulnerability details Impact There is no slippage control on depositAsset of LRTDepositPool, which expose user to sandwich attack. Proof of Concept Any deposit can be sandwiched in LRTDepositPool, especially when the pool is not balanced. Exploit Scenario: Bob, a normal user, calls...

Changing rsETH address breaks contract

Lines of code Vulnerability details Impact manipulating rsETH price Proof of Concept admin can change rsETH token address, while total supply of rsETH is used to calculate its price changing rsETH address changes its price. Tools Used Manual Review Recommended Mitigation Steps prevent changing...

stETH/ETH, rETH/ETH and cbETH/ETH chainlink oracles has too long of heartbeat and deviation threshold which can cause loss of funds

Lines of code Vulnerability details ChainlinkPriceOracle fetches prices from the Chainlink contracts. But the price feeds in the consideration has a very long price heartbeat and deviation rate which might lead to wrong price calculation and loss of token to the user. Impact According to the...

Upgraded Q -> 2 from #19 [1700023001465]

Judge has assessed an item in Issue 19 as 2 risk. The relevant finding follows: Borrower can abuse enterMarkets to force liquidator can pay more fund --- The text was updated successfully, but these errors were encountered: All reactions...